A curated collection of Windows internals notes, malware reversing tips, and small PoCs aimed at reverse engineers.
It may also include longer, book-style documents created during my learning process on specific topics or techniques.
This repository serves as a personal, fast-access notebook for day-to-day malware analysis, Windows internals, and reversing.
Instead of hundreds of scattered bookmarks or a massive text file, it centralizes concise notes, reference links, and code snippets for quick Ctrl+F access.
The goal is simplicity and practicality — short entries, precise pointers, and ready-to-use references.
All documentation is based on open-source material and libraries, curated and condensed (sometimes with the help of AI tools) to provide clear descriptions of techniques and defensive insights.
- Docs
- PoCs
- Tools & Tips
- WinLow — Windows Exploitation & Internals (WIP) — a companion, hands-on reference that bridges Windows internals with exploitation and detection. Lab-friendly notes, redacted PoCs and hunting playbooks; actively maintained. https://github.com/adanto/winlow
- Part 1 – Fundamentals
- Part 2 – Exploitation Mitigations
- Part 3 – Anti-Reversing & Evasion
- Part 4 – Practical Exploitation
- Part 5 – Detection & Countermeasures