x86matthew

@x86matthew

Followers: 21K
Following: 355
Media: 38
Statuses: 94

C / asm / system emulation / reverse engineering. @the_secret_club

UK
Joined June 2020
@x86matthew
x86matthew
5 months
Another pointless weekend project - a playable version of the old 3DMaze screensaver from Windows 9x. I reverse-engineered the original screensaver binary and added user-input functionality for the controls (and fixed some other minor issues!).
52
229
2K
@x86matthew
x86matthew
5 months
Just released another project that I created a few weeks ago - a NES emulator for Windows written in C/C++ using pure WinAPI 🎮.
28
156
818
@x86matthew
x86matthew
5 months
Short demo of ping.exe running within a virtualized environment using this emulator:
2
2
80
@x86matthew
x86matthew
5 months
I created a hypervisor-based emulator for Windows x64 binaries. This project uses Windows Hypervisor Platform to build a virtualized user-mode environment, allowing syscalls and memory accesses to be logged or intercepted. Project:.
30
355
1K
@x86matthew
x86matthew
8 months
last day at @MDSecLabs today 😢 but looking forward to some new challenges at @elastic next week!
19
5
231
@x86matthew
x86matthew
9 months
happy to finish in the top 10 this year (only just!) #flareon11
10
11
294
@x86matthew
x86matthew
1 year
here it is running a small DOS-based game from Flare-On 2023 (challenge 6, FlareSay.exe) 🙂
0
2
29
@x86matthew
x86matthew
1 year
DOSVisor - A hypervisor-level emulator for executing 16-bit real-mode DOS programs on Windows.
3
104
355
@x86matthew
x86matthew
1 year
WoWMIPS - A MIPS R4000 emulator which allows legacy Windows NT MIPS binaries to run on modern x86/64 Windows. A short series of articles describes the development of this emulator:.
9
106
363
@x86matthew
x86matthew
2 years
12 months late but it has finally arrived 🙂 #flareon9
0
1
115
@x86matthew
x86matthew
2 years
finished for another year! #flareon10
4
7
132
@x86matthew
x86matthew
2 years
First blog post in a while! This article describes an undocumented trick to embed executable code within (what appears to be) a read-only PE section.
16
326
1K
@x86matthew
x86matthew
2 years
it has been a few years since i last wrote a game cheat. modern games don't interest me so i've gone the other way and written an aimbot for the original doom - works on windows 95 with the official binaries 🙂
12
25
223
@x86matthew
x86matthew
2 years
16-bit solitaire is now running as it should 🙂 now i'm definitely finished with the project because i can't handle any more nights debugging minor cpu logic bugs until 5am 😥
11
15
216
@x86matthew
x86matthew
2 years
following on from my post last week, 16-bit minesweeper now runs flawlessly in my windows 3.1 cpu/win16api emulator 🙂 i don't plan to take it any further from here but will consider writing a post covering the fun (and not so fun) bits if there is any interest in this project 🙂
10
29
177
@x86matthew
x86matthew
2 years
i have been writing a windows 3.1 emulator in my spare time over the last few weeks, it emulates an 80286 cpu running in protected mode and forwards/translates win16 api calls to the native api at runtime. my first test program is working correctly - minesweeper is coming next 🙂
22
82
792
@x86matthew
x86matthew
2 years
SelfDebug - A useless anti-debug trick by (sort of) forcing a process to debug itself.
5
56
223
@x86matthew
x86matthew
3 years
StealthHook - A method for hooking functions without modifying memory protection. This tool automatically discovers writable global pointers/vtable entries that are nested within the target function, enabling stealthy function hooking and interception.
7
257
758
@x86matthew
x86matthew
3 years
reading #flareon9 writeups from other people has been interesting - it highlights how everybody (including myself) used very different methods and thought processes to solve the challenges 🙂
1
5
45
@x86matthew
x86matthew
3 years
SharedMemUtils - A simple tool to automatically find vulnerabilities in shared memory objects (commonly used for IPC in Windows services). This tool immediately uncovered potential exploitation routes in both Nvidia and Dell Audio services on my system.
9
254
797