hfiref0x/MpEnum external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

hfiref0x/MpEnum

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/hfiref0x/MpEnum)

Close

hfiref0x / MpEnumView on GitHubMore

• External links
• Readme badge

Enumerate Windows Defender threat families and dump their names according category

☆97Apr 16, 2026Updated last month

Alternatives and similar repositories for MpEnum

Users that are interested in MpEnum are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• hfiref0x / ROCALL

  View on GitHub
  ReactOS x86-32 syscall fuzzer
  ☆59Jul 5, 2025Updated 11 months ago
• hfiref0x / WDExtract

  View on GitHub
  Extract Windows Defender database from vdm files and unpack it
  ☆488Apr 21, 2026Updated last month
• dro / uac-launchinf-poc

  View on GitHub
  Windows 10 UAC bypass PoC using LaunchInfSection
  ☆35Aug 3, 2018Updated 7 years ago
• hfiref0x / Misc

  View on GitHub
  Miscellaneous Code and Docs
  ☆85Jul 12, 2025Updated 11 months ago
• hfiref0x / al-khaser

  View on GitHub
  (This is a fork used primarily to submit patches into upstream repository) Public malware techniques used in the wild: Virtual Machine, E…
  ☆19May 31, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• 0xAlexei / WindowsDefenderTools

  View on GitHub
  Tools for instrumenting Windows Defender's mpengine.dll
  ☆319Oct 25, 2018Updated 7 years ago
• changeofpace / Remote-Process-Cookie-for-Windows-7

  View on GitHub
  Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.
  ☆23May 31, 2017Updated 9 years ago
• SLAUC91 / SDS

  View on GitHub
  Software Distribution Service
  ☆12Jul 2, 2015Updated 10 years ago
• tandasat / CVE-2014-0816

  View on GitHub
  CVE-2014-0816
  ☆25Oct 5, 2016Updated 9 years ago
• tandasat / cs_driver

  View on GitHub
  A sample project for using Capstone from a driver in Visual Studio 2015
  ☆37May 4, 2016Updated 10 years ago
• hfiref0x / BSODScreen

  View on GitHub
  BSOD Screensaver
  ☆45Jul 5, 2025Updated 11 months ago
• RanchoIce / 44Con2018

  View on GitHub
  Slides of 44Con 2018
  ☆23Oct 11, 2018Updated 7 years ago
• DownWithUp / CVE-2018-15499

  View on GitHub
  PoC code for CVE-2018-15499 (exploit race condition for BSoD)
  ☆11Aug 23, 2018Updated 7 years ago
• hfiref0x / Stryker

  View on GitHub
  Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303
  ☆113Feb 25, 2018Updated 8 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• ghonsa / DeviceDmp

  View on GitHub
  Windows device tree walker
  ☆15Sep 19, 2018Updated 7 years ago
• mandiant / flare-kscldr

  View on GitHub
  FLARE Kernel Shellcode Loader
  ☆175May 3, 2019Updated 7 years ago
• deroko / SPPLUAObjectUacBypass

  View on GitHub
  ☆47Jun 14, 2018Updated 8 years ago
• tandasat / DebugLogger

  View on GitHub
  A software driver that lets you log kernel-mode debug output into a file on Windows.
  ☆107Jul 24, 2018Updated 7 years ago
• int0 / pinlog

  View on GitHub
  API logger plugin for Intel Pintool
  ☆14Nov 19, 2017Updated 8 years ago
• hfiref0x / Vault

  View on GitHub
  Various code from the past (for historical purposes)
  ☆17Aug 4, 2023Updated 2 years ago
• binbibi / libedge

  View on GitHub
  Microsoft Edge Microsoft Edge主页算法
  ☆20Apr 15, 2019Updated 7 years ago
• tinysec / windows-syscall-table

  View on GitHub
  windows syscall table from xp ~ 10 rs4
  ☆355Jun 8, 2018Updated 8 years ago
• hfiref0x / ZeroAccess

  View on GitHub
  ZeroAccess v3 toolkit
  ☆168Dec 18, 2017Updated 8 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• DownWithUp / CVE-2018-16712

  View on GitHub
  PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)
  ☆25Dec 1, 2018Updated 7 years ago
• 0xcpu / WinAltSyscallHandler

  View on GitHub
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆243Nov 6, 2019Updated 6 years ago
• tandasat / hyperplatform_log_parser

  View on GitHub
  User-mode program parsing logs created by HyperPlatform
  ☆18Aug 15, 2016Updated 9 years ago
• egtra / ndiscap-packet

  View on GitHub
  Windows ndiscap.sys adapter for WinPcap applications
  ☆29Jun 26, 2016Updated 9 years ago
• MartinDrab / Hackerfest2015

  View on GitHub
  Demos presented on Hackerfest 2015
  ☆14Nov 9, 2015Updated 10 years ago
• OSRDrivers / deleteex

  View on GitHub
  Demonstrate the new FileDispositionInfoEx behavior
  ☆15Nov 6, 2017Updated 8 years ago
• Yara-Rules / yara-tester-bot

  View on GitHub
  Telegram Bot that performs checks of the yararules.com ruleset
  ☆13May 13, 2016Updated 10 years ago
• HyperSine / SdoKeyCrypt-sys-local-privilege-elevation

  View on GitHub
  CVE-2019-9729. Transferred from https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation
  ☆83Mar 13, 2019Updated 7 years ago
• yisonPylkita / powershell_cpp

  View on GitHub
  PowerShell interpreter for unmanaged (non CLI) C++ projects
  ☆16Jul 19, 2017Updated 8 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• cloudbase / HyperVPCapExt

  View on GitHub
  Hyper-V virtual switch packet capturing extension with libpcap / Wireshark format
  ☆13Jun 3, 2014Updated 12 years ago
• tandasat / EopMon

  View on GitHub
  Elevation of privilege detector based on HyperPlatform
  ☆123Mar 5, 2017Updated 9 years ago
• int0 / ltmdm64_poc

  View on GitHub
  ☆30May 23, 2017Updated 9 years ago
• Darkabode / zerokit

  View on GitHub
  Zerokit/GAPZ rootkit (non buildable and only for researching)
  ☆184Mar 30, 2019Updated 7 years ago
• hasherezade / loaderine

  View on GitHub
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆20Apr 13, 2018Updated 8 years ago
• dro / dell-flash64w-eop

  View on GitHub
  Escalation of privilege exploit for Dell BIOS flasher (Flash64W) (2017)
  ☆13Dec 7, 2020Updated 5 years ago
• aaaddress1 / APCInjector-BYPASS-AV

  View on GitHub
  ☆19Jul 20, 2015Updated 10 years ago