Driver + DLL which allows us to open handles to callback-protected processes

UltimateAnticheat is an open source usermode anti-cheat system made to detect and prevent common attack vectors in game cheating (C++, Windows)

An experiment to make reverse engineering of game structures more difficult, by using shared mapped views

PE Sections Packer + Loader for Windows - Packs a DLL/EXE file and maps it into the loader (C/C++)

A generic detection engine (.lib) for Windows which uses downloadable custom rulesets to detect & block processes. Can be used in anti-virus, anti-cheat, anti-crypto mining, etc.

Lock-free circular buffer in C++ for fast & thread-safe telemetry

DRM Library for Windows (x64) in C++

Example of natural/unassisted DLL injection via proxying using various stealth techniques

Function scheduling stealth method using APC with encrypted shellcode

An interesting technique on Windows (x64) to "hook" memory via VEH and PAGE_NOACCESS page permissions

LLVM Pass Plugin for obfuscating imported/resolved functions using `GetProcAddress` (x64)

LLVM Pass which inserts an opaque predicate at the end of a function, filled with junk bytes to cause IDA analysis to fail (x86_64)

Maps view of a section pointing to a class/struct object with SEC_NO_CHANGE & PAGE_EXECUTE_READ, protecting it from page protection modifications and memory writes

Firev2's Profile Repo

A simple compile-time code virtualization class in C++

Templated Obfuscation example in C++ for protecting/hiding values in memory

Research into how we can detect aim cheats in FPS games using player's directional data sets

Packet Encryption for Mir4.

AssaultCubeNoob is a simple aimbot for Assault Cube, featuring a minimal codebase

Network-based Client Emulator for Mir4 Global, written in C#

Research into removing strings & API call references at compile-time (Anti-Analysis)

Research of modifying exported function names at runtime (C/C++, Windows)

Encryption module in C for DragonNest MMORPG

MITRE ATT&CK Submission - Changing Module names at runtime

Packet editor for Tree Of Savior with embedded LUA scripting

Packet Editor with LUA scripting functionality for Mir:M

Automation & scripting tool for Path of Exile.

Packet editor for Honor of Heirs

APC Injection is a code injection technique which bypasses TLS callback protections (Windows OS)

Injection Technique: Inserts current process into target process