A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe

Source code of a multiple series of tutorials about the hypervisor. Available at: https://rayanfam.com/tutorials

Combustion engine simulator that generates realistic audio.

Emulate Drivers in RING3 with self context mapping or unicorn

A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.

A list of shodan filters

Vmware Hardened VM detection mitigation loader (anti anti-vm)

Monitoring and controlling kernel API calls with stealth hook using EPT

Bypass UAC by hijacking a DLL located in the Native Image Cache

Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.

Jaws is an invisible programming language! Inject invisible code into other languages and files! Created for security research -- see blog post

A c++20 constexpr x86 assembler

Shell extension for opening executables in IDA

A kernelmode driver swapping a .data pointer in the kernel to perform communication between the kernel and usermode.