hfiref0x/MpEnum external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

hfiref0x/MpEnum

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/hfiref0x/MpEnum)

Close

hfiref0x / MpEnumView on GitHubMore

• External links
• Readme badge

Enumerate Windows Defender threat families and dump their names according category

☆95May 27, 2019Updated 6 years ago

Alternatives and similar repositories for MpEnum

Users that are interested in MpEnum are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• hfiref0x / ROCALL

  View on GitHub
  ReactOS x86-32 syscall fuzzer
  ☆58Jul 5, 2025Updated 9 months ago
• hfiref0x / WDExtract

  View on GitHub
  Extract Windows Defender database from vdm files and unpack it
  ☆480Updated this week
• dro / uac-launchinf-poc

  View on GitHub
  Windows 10 UAC bypass PoC using LaunchInfSection
  ☆35Aug 3, 2018Updated 7 years ago
• hfiref0x / al-khaser

  View on GitHub
  (This is a fork used primarily to submit patches into upstream repository) Public malware techniques used in the wild: Virtual Machine, E…
  ☆19May 31, 2025Updated 10 months ago
• 0xAlexei / WindowsDefenderTools

  View on GitHub
  Tools for instrumenting Windows Defender's mpengine.dll
  ☆312Oct 25, 2018Updated 7 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• hfiref0x / Misc

  View on GitHub
  Miscellaneous Code and Docs
  ☆84Jul 12, 2025Updated 9 months ago
• changeofpace / Remote-Process-Cookie-for-Windows-7

  View on GitHub
  Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.
  ☆23May 31, 2017Updated 8 years ago
• SLAUC91 / SDS

  View on GitHub
  Software Distribution Service
  ☆12Jul 2, 2015Updated 10 years ago
• hfiref0x / BSODScreen

  View on GitHub
  BSOD Screensaver
  ☆43Jul 5, 2025Updated 9 months ago
• RanchoIce / 44Con2018

  View on GitHub
  Slides of 44Con 2018
  ☆23Oct 11, 2018Updated 7 years ago
• DownWithUp / CVE-2018-15499

  View on GitHub
  PoC code for CVE-2018-15499 (exploit race condition for BSoD)
  ☆11Aug 23, 2018Updated 7 years ago
• hfiref0x / Stryker

  View on GitHub
  Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303
  ☆112Feb 25, 2018Updated 8 years ago
• ghonsa / DeviceDmp

  View on GitHub
  Windows device tree walker
  ☆15Sep 19, 2018Updated 7 years ago
• mandiant / flare-kscldr

  View on GitHub
  FLARE Kernel Shellcode Loader
  ☆177May 3, 2019Updated 6 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• deroko / SPPLUAObjectUacBypass

  View on GitHub
  ☆47Jun 14, 2018Updated 7 years ago
• tandasat / DebugLogger

  View on GitHub
  A software driver that lets you log kernel-mode debug output into a file on Windows.
  ☆109Jul 24, 2018Updated 7 years ago
• int0 / pinlog

  View on GitHub
  API logger plugin for Intel Pintool
  ☆14Nov 19, 2017Updated 8 years ago
• hfiref0x / Vault

  View on GitHub
  Various code from the past (for historical purposes)
  ☆16Aug 4, 2023Updated 2 years ago
• binbibi / libedge

  View on GitHub
  Microsoft Edge Microsoft Edge主页算法
  ☆20Apr 15, 2019Updated 7 years ago
• tinysec / windows-syscall-table

  View on GitHub
  windows syscall table from xp ~ 10 rs4
  ☆356Jun 8, 2018Updated 7 years ago
• hfiref0x / ZeroAccess

  View on GitHub
  ZeroAccess v3 toolkit
  ☆167Dec 18, 2017Updated 8 years ago
• DownWithUp / CVE-2018-16712

  View on GitHub
  PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)
  ☆25Dec 1, 2018Updated 7 years ago
• 0xcpu / WinAltSyscallHandler

  View on GitHub
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆242Nov 6, 2019Updated 6 years ago
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• tandasat / cs_driver

  View on GitHub
  A sample project for using Capstone from a driver in Visual Studio 2015
  ☆37May 4, 2016Updated 9 years ago
• egtra / ndiscap-packet

  View on GitHub
  Windows ndiscap.sys adapter for WinPcap applications
  ☆28Jun 26, 2016Updated 9 years ago
• OSRDrivers / deleteex

  View on GitHub
  Demonstrate the new FileDispositionInfoEx behavior
  ☆15Nov 6, 2017Updated 8 years ago
• MartinDrab / Hackerfest2015

  View on GitHub
  Demos presented on Hackerfest 2015
  ☆14Nov 9, 2015Updated 10 years ago
• Yara-Rules / yara-tester-bot

  View on GitHub
  Telegram Bot that performs checks of the yararules.com ruleset
  ☆13May 13, 2016Updated 9 years ago
• HyperSine / SdoKeyCrypt-sys-local-privilege-elevation

  View on GitHub
  CVE-2019-9729. Transferred from https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation
  ☆83Mar 13, 2019Updated 7 years ago
• cloudbase / HyperVPCapExt

  View on GitHub
  Hyper-V virtual switch packet capturing extension with libpcap / Wireshark format
  ☆13Jun 3, 2014Updated 11 years ago
• yisonPylkita / powershell_cpp

  View on GitHub
  PowerShell interpreter for unmanaged (non CLI) C++ projects
  ☆16Jul 19, 2017Updated 8 years ago
• int0 / ltmdm64_poc

  View on GitHub
  ☆30May 23, 2017Updated 8 years ago
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• Darkabode / zerokit

  View on GitHub
  Zerokit/GAPZ rootkit (non buildable and only for researching)
  ☆185Mar 30, 2019Updated 7 years ago
• hasherezade / loaderine

  View on GitHub
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆22Apr 13, 2018Updated 8 years ago
• dro / dell-flash64w-eop

  View on GitHub
  Escalation of privilege exploit for Dell BIOS flasher (Flash64W) (2017)
  ☆13Dec 7, 2020Updated 5 years ago
• aaaddress1 / APCInjector-BYPASS-AV

  View on GitHub
  ☆19Jul 20, 2015Updated 10 years ago
• deroko / payloadrestrictions

  View on GitHub
  ☆36Sep 5, 2017Updated 8 years ago
• tandasat / CVE-2014-0816

  View on GitHub
  CVE-2014-0816
  ☆26Oct 5, 2016Updated 9 years ago
• aleksost / MemoryDecompression

  View on GitHub
  Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager.
  ☆51Apr 9, 2019Updated 7 years ago