hfiref0x

Pinned Repositories

DSEFix
Windows x64 Driver Signature Enforcement Overrider
Language:C684 44 13245
KDU
Kernel Driver Utility
Language:C1.8k 66 65417
LightFTP
Small x86-32/x64 FTP Server
Language:C220 19 2583
NtCall64
Windows NT x64 syscall fuzzer
Language:C551 23 1102
SyscallTables
Windows NT x64 Syscall tables
Language:C1.1k 54 2236
TDL
Driver loader for bypassing Windows x64 Driver Signature Enforcement
Language:C1k 77 28332
UACME
Defeating Windows User Account Control
Language:C6k 278 1161.3k
UPGDSED
Universal PatchGuard and Driver Signature Enforcement Disable
Language:C808 67 32258
VBoxHardenedLoader
VirtualBox VM detection mitigation loader
Language:C909 73 93276
WinObjEx64
Windows Object Explorer 64-bit
Language:C1.6k 63 22290

hfiref0x's Repositories

hfiref0x/UACME
Defeating Windows User Account Control
Language:C6k 278 1161.3k
hfiref0x/KDU
Kernel Driver Utility
Language:C1.8k 66 65417
hfiref0x/WinObjEx64
Windows Object Explorer 64-bit
Language:C1.6k 63 22290
hfiref0x/SyscallTables
Windows NT x64 Syscall tables
Language:C1.1k 54 2236
hfiref0x/TDL
Driver loader for bypassing Windows x64 Driver Signature Enforcement
Language:C1k 77 28332
hfiref0x/VBoxHardenedLoader
VirtualBox VM detection mitigation loader
Language:C909 73 93276
hfiref0x/UPGDSED
Universal PatchGuard and Driver Signature Enforcement Disable
Language:C808 67 32258
hfiref0x/DSEFix
Windows x64 Driver Signature Enforcement Overrider
Language:C684 44 13245
hfiref0x/NtCall64
Windows NT x64 syscall fuzzer
Language:C551 23 1102
hfiref0x/WDExtract
Extract Windows Defender database from vdm files and unpack it
Language:C397 14 461
hfiref0x/CVE-2015-1701
Win32k LPE vulnerability used in APT attack
Language:C284 34 2179
hfiref0x/WubbabooMark
Debugger Anti-Detection Benchmark
Language:C274 7 539
hfiref0x/LightFTP
Small x86-32/x64 FTP Server
Language:C220 19 2583
hfiref0x/VMDE
Source from VMDE paper, adapted to 2015
Language:C173 20 163
hfiref0x/ZeroAccess
ZeroAccess v3 toolkit
Language:C159 20 099
hfiref0x/SXSEXP
Expand compressed files from WinSxS folder
Language:C136 10 543
hfiref0x/Stryker
Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303
Language:C107 11 061
hfiref0x/AuthHashCalc
Authenticode Hash Calculator for PE32/PE32+ files
Language:C98 6 530
hfiref0x/MpEnum
Enumerate Windows Defender threat families and dump their names according category
Language:C85 6 226
hfiref0x/Misc
Miscellaneous Code and Docs
Language:C78 5 023
hfiref0x/ROCALL
ReactOS x86-32 syscall fuzzer
Language:C48 8 057
hfiref0x/BSODScreen
BSOD Screensaver
Language:C38 5 117
hfiref0x/AsIo3Unlock
ASUSTeK AsIO3 I/O driver unlock
Language:C19 3 04
hfiref0x/al-khaser
(This is a fork used primarily to submit patches into upstream repository) Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Language:C++18 2 09
hfiref0x/RpcView
(This is a fork used primarily to submit patches into upstream repository) RpcView is a free tool to explore and decompile Microsoft RPC interfaces
Language:C++16 2 07
hfiref0x/Vault
Various code from the past (for historical purposes)
Language:Pascal12 3 012
hfiref0x/hfiref0x.github.io
Language:HTML11 3 01
hfiref0x/LightFTP_win
Language:C10 4 05
hfiref0x/pdbex
(This is a fork used primarily to submit patches into upstream repository) pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers
Language:C++4 3 07
hfiref0x/AR4FFC
Archive repository for fast fact-checks
3 3 03