MacOS inside a Docker container.

A tool uses the QoS Policy (Pacer.sys) to throttle Endpoint Detection and Response (EDR) agents from connecting to the server.

RoguePlanet Windows Defender Vulnerability

Rust implementation of Tailscale (preview, experimental)

A template for Rust based BOF-PEs

A third-party cryptography library for custom Cobalt Strike beacons

Idiomatic Rust Bindings for Windows Hypervisor Platform

Zoo Code gives you a whole dev team of AI agents in your code editor.

Multiplatform MEMORY.DMP analysis tool with a WinDbg flavor

An IDA Pro / Hex-Rays plugin that turns noisy pseudocode into reviewable, kernel-aware cleanup artifacts

The FLS

This repository offers an open-source C++ SDK bindings for IDA, enabling custom plugin development and automation.

A neon audio utility that controls real Windows playback devices directly, auto-switches on game launch

A Rust decompiler built on top of angr

My notes while studying Windows internals

Windows rootkit for Intel x64 with 25+ features, demonstrating rootkit techniques compatible with all Windows 10 and Windows 11 versions.

Full exploit code for CVE-2026-40369 - A Windows kernel arbitrary write vulnerability that allows browser sandbox escape from all browsers render process sandbox

Call stack spoofing for Rust

Browse and diff ETW provider snapshots across Windows builds. Backed by ETWInspector.

LLVM based devirtualizer for the binaryshield software protector.

Simple Yet Powerful Anti-Detect Browser 🍩

Hyper-V related resources

Static analysis & exploitation-triage toolkit for Windows kernel drivers. Discover IOCTLs, Symbolic Links, and check cert , and Downlaods BYOVD

Creating attacks paths across management and data planes

Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...

Document ETW providers

PoC Implementation of a fully dynamic call stack spoofer