Works

Welcome to my “Works” page, where you’ll find a curated collection of my coding projects that span across a few focus areas, primarily in system-level programming, security research, and Windows internals. From extracting system calls in Windows with the NTDLL system call extraction tool to delving into the world of import obfuscation with demonstrations in x64 ASM and C++, these projects showcase my areas of study and research.

1. Technique Demos

• Demo of simple minimal PE
• Demo of direct kernel object manipulation in Windows
• Demo of basic DLL injection
• Demo of basic return address spoofing
• Demo of basic command line argument spoofing
• Demo of parent process ID spoofing
• Demo of system call number resolution by sorting export RVAs
• Demo of dynamic import obfuscation in x64 ASM and C++
• Demo of PEB-Less GetModuleHandle
• Demo of Cronos sleep obfuscation
• Demo of synthetic stack spoofing with some improvements
• Demo of DLL unhooking

2. Tools / Projects

• Windows NTDLL system call extraction tool
• Escape From Tarkov radar cheat
• Simple gadget hunting tool
• Simple utility for adding a section to a PE
• Simple Windows memory mapping tool
• Priority Booster project from Windows Kernel Programming