Stars
SoftICE-like kernel debugger for Windows 11
High-speed secure pseudorandom function for short messages
The Grimoire Hypervisor solution for x86 Processors with experimental nested virtualization support. Remastering with Rust in progress.
C++ self-injecting dropper based on various EDR evasion techniques.
The first analysis framework for CPU microcode
Emulate drivers in ring 3 with self context mapping or Unicorn
A kernel driver for reading and writing memory
xigmapper is a driver manual mapper that loads your driver before Vanguard, but after critical system infrastructure has been set up, allowing you to write your bypass without worrying about the in…
System Management Mode (SMM) game cheating framework
Admin to Kernel code execution using the KSecDD driver
Using CVE-2023-21768 to manually map a kernel-mode driver
Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unauthorized modifications to the Windows kernel. The analysis is…
A plugin to x64dbg that lets you find out what writes to/accesses particular address
An implementation of the Salsa20 stream cipher in C99
Example of reading process memory through kernel special APC
Example Windows Kernel-mode Driver which enumerates running processes.
bypass to the p2c(s) that I have run over the past few months.
Small C99 and C++98 library to parse SMBIOS information