Dynamic Indirect Syscalls via JOP/ROP in Pure no_std, no_alloc, no dependency Rust

Disable PatchGuard and Driver Signature Enforcement at boot time

Portable fork of Doug Lea's malloc implementation. Can be used for memory allocator in Rust.

Yet another variant of Process Hollowing

Unreal Engine SDK Generator

Includes features like Aimbot, Magnet Triggerbot, dynamic FOV, Bones joints ESP, visible check via VPK parsing, Recoil control, Web Radar, Platform decryption, and more.

My Website

A collection of MCP servers.

Using DLL sideloading to hijack the exe main thread before starting it! 使用dll侧载在exe程序主线程启动之前劫持主线程。

Fork of iced disassembler

A simple tool that quickly creates a Windows Driver rust crate.

Inject malicious code into Notepad and use antivirus software memory scanning to automatically locate memory signature codes. 向notepad注入恶意代码，利用杀软进行内存扫描自动化定位内存特征码。

noah's blog

Loader Pre-Technology, Main thread hijacking without using API, get ntdll and kernel32 handle without peb. 加载器前置技术，不使用API进行主线程劫持，不使用PEB获取ntdll和kernel32的地址。

Thread Pool Timer Process Injection

GateSentinel 是一个现代化的 C2 (Command and Control) 框架，专为安全研究和渗透测试设计。该项目采用 Go 语言开发服务端，C 语言开发客户端，提供了强大的远程控制和管理功能。

memory introspection and reverse engineering hypervisor powered by leveraging Hyper-V

XNU Patch Finder (based on ChOma)

Simple Demo of using Windows Hypervisor Platform

本仓库包含对 Claude Code v1.0.33 进行逆向工程的完整研究和分析资料。包括对混淆源代码的深度技术分析、系统架构文档，以及重构 Claude Code agent 系统的实现蓝图。主要发现包括实时 Steering 机制、多 Agent 架构、智能上下文管理和工具执行管道。该项目为理解现代 AI agent 系统设计和实现提供技术参考。

Stack integrity verification to Detect SleepMask or CallStack Spoofer

NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (either via Bring Your Own Vulnerable Driver (BYOVD) or other mean…

Mirror of Kevin-Rudd's HITMAN 3 mod Freelancer Variations

Small x86-32/x64 FTP Server

Miscellaneous Code and Docs

Advanced tweak configurator for iOS 10 and up