New Update Defender Hardening Console Executable

Pretty sure it’s not a problem, can you try on a real system and see if it will load?

In my system (Kaspersky Plus)

 
That’s the expected behaviour with Kaspersky, all features will be disabled. For the scan, keep in mind that Kaspersky will probably restrict the app till I get digital signature (potentially EV).

We’ll find out why it fails on a VM.
 
Found it! Missing .NET Framework...
Everything's fine ;)

I'm going to play around with it a bit since I have time; his video is scheduled for mid-January ;)
 
.NET Framework or Microsoft Visual C++ Redistributable? Because my project is not using .NET.

.NET for me in my project is a no-no 🤪

The software is written in C++ 23 with loops optimised for Advanced Vector Extensions 512.

When you look at the raw byte representation in hex, there are loads of ÅùïÀ (VZEROUPPER), Åø (VMOVAPS) and so on. This is all vectorised assembly code (starting with Å).

But I am using PowerShell for some tasks, so that may be using .NET 🤔


Whichever one is missing, I will have to add paths for it to be downloaded and installed…
 
No idea, I updated both and it stopped crashing. :cry:
 
It is probably the VS C++ redistributable. Trend Micro, for example, is written in Visual C++ and they install the redistributable with the product, if you’ve noticed. I will need to do something similar.

Anyway, you’ve helped a lot 🙏
 
New update published (you will notice that the size of the executable has now increased to over a megabyte).

Added version info, click on the Help and Support button

Upgraded scan engine from 1.01 to 1.38. This by itself most likely fixes the issue @Kongo reported, plus it adds the following:

- Fileless malware command line scan
- Cloud check for suspicious services
- Botnet detection functionality
- Upgraded heuristics package


Minor UI improvements, including those that are required to accommodate the new engine

UI optimization to eliminate CPU and GPU usage on idle.

 
Hi @Trident

Can I use your software on Windows 8.1?

Is any roadmap available?

Is any multi-language support available?

Mops21
Hello @Mops21 ,

The software is not compatible with Windows 8.1.
This version of Windows is now long out of support and if I build the tool to be compatible, it will significantly hurt the performance for all users. As of 2025, the 8.1 market share is ~0.2%.

Multi-language support at this time is not planned.

This would require a significant refactoring (which is not impossible). I will have to remove all hardcoded strings from the UI, put them in JSON files (US_English.json, Deutsch.json and so on) and feed them to the UI.

It is doable, but at this moment it is not really required because, first, the UI rapidly changes (this is not how the final product strings will sound, I like more witty, less formal language), so every time I change something, I will have to update a dozen language files, and second, the audience is not large.
If the audience grows, then I will go through the necessary refactoring to add more languages.

Roadmap-wise, most of the updates will be to the Helios UltraQuick and Deep Firewall Control.
If I think of any innovative feature I can add, it will be added.

Sometimes I would walk around the supermarket detergent aisle and an idea or heuristic would hit me…
 
New release, looks and works great (y)
Thanks for adding the version info.
 
@Trident LOL, love it, you just never know when or where an idea will hit you 😅 :)
Last time I was on my way out when some network botnet detection heuristics hit me 😀
The software currently uses 40+, of which some are suitable to detect CobaltStrike and others.

Previous version, the UI used 500 megs, here it has been reduced to 250.
The CPU usage on idle was spiking every now and then to 5, 10, 20%, now it is 0-%.

The rules processing is now also quicker.

Over the next few releases, some more performance improvements will be implemented.

Especially as ideas on how to make everything quicker just occur to me 😆
 
Can confirm. It's fixed. Thank you! :)
 
Hi @Trident

Thank you very much for your info

Mops21
 
@Trident
The latest version still doesn't work with SentinelOne active, and I have one question: what is the purpose of using Base64 for antivirus solution detection in a PowerShell cmdlet?
Hello, I am working on it at the moment. There is a very high number of features and functions to add so it is impossible to add all of them overnight. The purpose of base64 is to add yet another layer that prevents snooping by malware.
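
For readers following the Base64 question above, this added example (not part of the thread and not the tool's own code) shows how an EDR rule or an analyst recovers the script text from a PowerShell `-EncodedCommand` argument recorded in a process-creation event. The sample command line and the SecurityCenter2 query inside it are constructed assumptions; the thread does not show the command the tool actually runs.

```python
import base64
import binascii
import re

# Constructed sample: a benign query of the kind an AV-detection step might run.
SAMPLE_SCRIPT = ("Get-CimInstance -Namespace root/SecurityCenter2 "
                 "-ClassName AntiVirusProduct")
SAMPLE_BLOB = base64.b64encode(SAMPLE_SCRIPT.encode("utf-16-le")).decode("ascii")
# Constructed command line, as a process-creation log entry would record it.
SAMPLE_CMDLINE = ("powershell.exe -NoProfile -ExecutionPolicy Bypass -enc "
                  + SAMPLE_BLOB)

# "-flag value" pairs whose value looks like Base64 (leading quote optional).
FLAG_AND_VALUE = re.compile(
    r"""(?:^|\s)[-/]([A-Za-z]+)\s+["']?([A-Za-z0-9+/=]{8,})""")


def is_encoded_flag(name):
    """True for -EncodedCommand, any prefix of it (-e, -enc, ...) and -ec."""
    name = name.lower()
    return name == "ec" or "encodedcommand".startswith(name)


def decode_encoded_commands(command_line):
    """Return the decoded script for each encoded-command argument found.

    An entry is None when the flag is present but the payload is not valid
    Base64 of UTF-16LE text, which is itself worth an analyst's attention.
    """
    decoded = []
    for flag, blob in FLAG_AND_VALUE.findall(command_line):
        if not is_encoded_flag(flag):
            continue
        try:
            raw = base64.b64decode(blob, validate=True)
            # PowerShell expects the encoded script as UTF-16LE text.
            decoded.append(raw.decode("utf-16-le"))
        except (binascii.Error, UnicodeDecodeError):
            decoded.append(None)
    return decoded


if __name__ == "__main__":
    for script in decode_encoded_commands(SAMPLE_CMDLINE):
        print(script)
```

Because the decoding needs no key, any product or process that can read the command line sees the same script text, and an encoded invocation is a common trigger for behavioural rules.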