Deputation's repositories
instrumentation_callbacks
A proof of concept demonstrating instrumentation callbacks on Windows 10 21H1 with a TLS variable to ensure all syscalls are caught.
kernel_sockets_memory
Kernel-based memory hacking framework communicating with a kernel driver via sockets.
kernel_payload_comms
A proof of concept demonstrating communication via mapped shared memory structures between a user-mode process and a kernel-mode payload on Windows 10 20H2.
syscall_extractor
A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.
poc_close_handle
CloseHandle hooking proof of concept in C++.
cpp_async_file_hashing
Asynchronous MD5 file hashing in C++ using futures.
fast-string
Convert strings to little endian hexadecimal representation for fast, compiler-friendly comparisons.
dive
A tool for exploring each layer in a Docker image.
limba
Compile-time control flow obfuscation using MBA.
llm.c
LLM training in simple, raw C/CUDA
wdbgark
WinDBG Anti-RootKit Extension