docs
- docs (mostly for historical purposes)
bin
- compiled versions of the some tools listed below
source\ApiSetSchemaView
- Windows ApiSetSchema Viewer (V2, V4, V6)
source\StripDebug
- Removes debug information left by VisualStudio 2015+
source\AMSI
- AMSI related experiments
- sources\AMSI\AmsiProviderATL AMSI provider client/server written in C++ using ATL
- sources\AMSI\AmsiProviderC AMSI provider server written in C (works with client from ATL version)
source\IntelNal
- Intel QV Linux kernel driver (upload for quick references)
source\ROS
- ReactOS related code
- sources\ROS\win32u ReactOS win32u dll (0.4.10 - 0.4.14)
- sources\ROS\srvany2 Run application as service
source\SecTrash
- Various AV/Security bugs and related trash found in the beginning of 2020
source\WormholeDrivers
- Collection of "wormhole" open source drivers widely used by hardware vendors sometimes in unmodified state
source\DSEPatch
- DSE patch based on CI callbacks modification, see dsepatch\readme for more info
source\wdextract (for a more advanced version visit https://github.com/hfiref0x/wdextract)
- Extract Windows Defender database from vdm files and unpack it
source\DrvTools
- Auxiliary utility to work with Windows Drivers
- (c) Daniloff & Co
- (c) Intel QV authors
- (c) PHYMEM, MAPMEM, WINIO, WINRING0 authors
- (c) hfiref0x tools/source 2015 - 2023, hfiref0x