Inter-binary control flow graphing

Tools for attacking Computer Use Agents

MCP server that allows searching the Rust windows crate API documentation

Home of OpenVMM and OpenHCL

Python Command-Line Ghidra Binary Diffing Engine

The Windbg extensions to study Hyper-V on Intel and AMD processors.

Windows Implementation Library

X86 Mutation Engine with Portable Executable compatibility.

An example MS-W32T client to show how to use midl.exe in a project managed by CMake

A library to abstract between different lossless and lossy compressors

The simple UEFI application to create a Windows Platform Binary Table (WPBT) from the UEFI shell.

Basically a KrabsETW rip-off written in Rust

Disable PatchGuard and Driver Signature Enforcement at boot time

Test if an antivirus is installed via the resolution of the service virtual SID

Windows kernel hacking framework, driver template, hypervisor and API written on C++

Elevation of privilege detector based on HyperPlatform

Memory Debugger for Windows, Linux, Mac, and Android

A .NET Framework 4.0 Windows Agent

Microsoft Message Analyzer EOL Archive

Useful scripts for WinDbg using the debugger data model

Sysmon-Like research tool for ETW

API samples for the Universal Windows Platform.

"Screwed Drivers" centralized information source for code references, links, etc.

Blazing fast and correct x86/x64 disassembler, assembler, decoder, encoder for Rust, .NET, Java, Python, Lua

A driver that hooks C: volume using symbolic link callback to track all FS access to the volume

AV/EDR evasion via direct system calls.

Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.