Block or Report
Block or report hfiref0x
Contact GitHub support about this user’s behavior. Learn more about reporting abuse.
Report abuse-
LightFTP Public
Small x86-32/x64 FTP Server
-
SXSEXP Public
Expand compressed files from WinSxS folder
-
WinObjEx64 Public
Windows Object Explorer 64-bit
-
SyscallTables Public
Windows NT x64 Syscall tables
-
-
KDU Public
Kernel Driver Utility
-
UACME Public
Defeating Windows User Account Control
-
AuthHashCalc Public
Authenticode Hash Calculator for PE32/PE32+ files
-
Misc Public
Miscellaneous Code and Docs
-
-
NtCall64 Public
Windows NT x64 syscall fuzzer
-
-
RpcView Public archive
Forked from silverf0x/RpcView(This is a fork used primarily to submit patches into upstream repository) RpcView is a free tool to explore and decompile Microsoft RPC interfaces
-
VBoxHardenedLoader Public archive
VirtualBox VM detection mitigation loader
-
AR4FFC Public archive
Archive repository for fast fact-checks
-
-
-
WDExtract Public
Extract Windows Defender database from vdm files and unpack it
-
al-khaser Public archive
Forked from LordNoteworthy/al-khaser(This is a fork used primarily to submit patches into upstream repository) Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
-
pdbex Public archive
Forked from wbenny/pdbex(This is a fork used primarily to submit patches into upstream repository) pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers
-
ROCALL Public archive
ReactOS x86-32 syscall fuzzer
-
BSODScreen Public archive
BSOD Screensaver
-
TDL Public archive
Driver loader for bypassing Windows x64 Driver Signature Enforcement
-
MpEnum Public archive
Enumerate Windows Defender threat families and dump their names according category
-
UPGDSED Public archive
Universal PatchGuard and Driver Signature Enforcement Disable
-
DSEFix Public archive
Windows x64 Driver Signature Enforcement Overrider
-
Stryker Public archive
Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303
-
CVE-2015-1701 Public archive
Win32k LPE vulnerability used in APT attack
-
ZeroAccess Public archive
ZeroAccess v3 toolkit
-
VMDE Public archive
Source from VMDE paper, adapted to 2015