Cthaeh
🌳 Ghidra-powered triage scanner for Windows kernel drivers. Used as part of my driver research workflow, including findings later published as CVEs. Scores drivers on 60+ vulnerability heuristics so you know which .sys files to pull apart first. Named after the all-seeing tree from The Kingkiller Chronicle.
Cred Relay
Monthly newsletter covering offensive security, maldev, and AI-assisted security research.
CVE-2025-3464 AsIO3 LPE
BYOVD LPE exploit for ASUS AsIO3.sys - TOCTOU auth bypass + PreviousMode decrement to steal SYSTEM tokens on Windows 11. AI-assisted exploit development. CVE discovered by Cisco Talos.
CVE-2026-32746 GNU InetUtils telnetd PoC
Proof-of-concept code for CVE-2026-32746, a GNU InetUtils telnetd LINEMODE SLC buffer overflow described as pre-auth RCE with CVSS 9.8.
Bluesky CLI
Full-featured CLI for Bluesky/AT Protocol. Post, reply, like, repost, follow, block, mute, search, threads, and images from the terminal.
Bazzy
A shellcode injector and runner built in Nim.
BunnyGod
AI-powered philosophical Q&A system that retrieves answers from academic literature. Built with Astro, Cloudflare Workers, and Workers AI.