An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

Cyberpunk 2077 tweaks, hacks and scripting framework

Total Registry - enhanced Registry editor/viewer

Virtual-machine Translation Intermediate Language

IDA plugin and loader for UEFI firmware analysis and reverse engineering automation

RpcView is a free tool to explore and decompile Microsoft RPC interfaces

VirtualKD-Redux - A revival and modernization of VirtualKD

pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers

Sample extensions, scripts, and API uses for WinDbg.

Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.

Texture processing tools with support for Direct3D 10 and 11 formats.

Rearrange windows on traybar icon click after docking the laptop

converter of DMD CodeView/DWARF debug information to PDB files

Signtool for expired certificates

A library to develop kernel level Windows payloads for post HVCI era

Nyxstone: assembly / disassembly library based on LLVM, implemented in C++ with Rust and Python bindings, maintained by emproof.com

Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!

Open source implementations of Microsoft compression algorithms

Doom running in the NT kernel

An application that replaces the native Open With dialog with one styled after old Windows versions.

My DirectX 11 MLAA & SMAA implementation