Misc

Miscellaneous Code and Docs

docs

• docs (mostly for historical purposes)

bin

• compiled versions of the some tools listed below

source\ApiSetSchemaView

• Windows ApiSetSchema Viewer (V2, V4, V6)

source\StripDebug

• Removes debug information left by VisualStudio 2015+

source\AMSI

• AMSI related experiments
  • sources\AMSI\AmsiProviderATL AMSI provider client/server written in C++ using ATL
  • sources\AMSI\AmsiProviderC AMSI provider server written in C (works with client from ATL version)

source\IntelNal

• Intel QV Linux kernel driver (upload for quick references)

source\ROS

• ReactOS related code
  • sources\ROS\win32u ReactOS win32u dll (0.4.10 - 0.4.14)
  • sources\ROS\srvany2 Run application as service

source\SecTrash

• Various AV/Security bugs and related trash found in the beginning of 2020

source\WormholeDrivers

• Collection of "wormhole" open source drivers widely used by hardware vendors sometimes in unmodified state

source\DSEPatch

• DSE patch based on CI callbacks modification, see dsepatch\readme for more info

source\wdextract (for a more advanced version visit https://github.com/hfiref0x/wdextract)

• Extract Windows Defender database from vdm files and unpack it

source\DrvTools

• Auxiliary utility to work with Windows Drivers

Authors

• (c) Daniloff & Co
• (c) Intel QV authors
• (c) PHYMEM, MAPMEM, WINIO, WINRING0 authors
• (c) hfiref0x tools/source 2015 - 2023, hfiref0x