mishap retweeted
Released PseudoForge 0.1.0. An IDA Pro / Hex-Rays plugin built for Windows kernel driver analysis. It cleans up raw decompiler output with rule-based passes, WDK-backed API profiles, user-defined rules, and optional LLM rename assist that is kept behind deterministic validation.
Current focus:
- DriverEntry reconstruction hints
- IRP / IOCTL dispatcher cleanup
- CTL_CODE and NTSTATUS decoding
- WDK API argument semantics
- pool tag recovery
- LIST_ENTRY traversal
- CONTAINING_RECORD patterns
- callback registration flows
- common kernel cleanup paths
This is still a very early release, so expect rough edges. 😆
repo: github.com/kernullist/Pseudo…
mishap retweeted
Let's Zoom-In to the new start of the week... 🔍 Releasing #IDA Plugin #ZoomAllViews — Ctrl Scroll font zoom for every IDA view. 💪 Because this should work out of the box. Now it does. 🤓
• Zoom in/out in Disassembly, Pseudocode, Hex View, Strings, Imports, Functions, Structures, and every chooser 😲
• Works across Normal & Debug view widgets — Stack, Registers, Locals, Watch
• Row heights scale automatically with font size
• Graph/Proximity/Xref views excluded — IDA's native zoom untouched ☝️
• Toggle on/off via menu or Ctrl-Shift-Z
• Single file, zero dependencies 🫰
• Compatible IDA 8.x — 9.3 (PyQt5 / PySide6) 🛠️
github.com/Dump-GUY/ZoomAllV…
#IDAPro #ReverseEngineering #IDAPython #Malware #DFIR @HexRaysSA
mishap retweeted
Mar 6
Built WinGraph, my new project - a BloodHound-style dependency visualizer for every binary in Windows System32 directory. 4,000 DLLs, EXEs. Every import. Every export. One interactive graph. Check it out now : wingraph.m0n1x90.dev/
mishap retweeted
My keynote at RE//Verse went great! (it will be released online later if you missed it!)
mishap retweeted
Thanks to @snowyuwa we will soon have much more comprehensive type support. He was a massive help in testing the new CMake setup ♥ More updates soon!
21 Jun 2025
It is now super easy to build x64dbg and start contributing, give it a try!🤓
mishap retweeted
3 Jun 2025
👋 Please join us in welcoming @RolfRolles as Hex-Rays’ new Chief Scientist! Rolf brings decades of RE expertise, with standout work in obfuscation, decompilation, and software protection. At Hex-Rays, he’ll lead research into next-gen decompilation and automated program understanding to keep our tools at the cutting edge. We’re thrilled to have him on board! #ReverseEngineering #IDAPro #BinaryAnalysis #Decompilation
mishap retweeted
I haven't been publishing much lately, but not because I haven't been doing research -- in fact, I've done more than ever in the past five years. My ~200KLOC backlog will soon begin trickling out into the IDA/Hex-Rays ecosystem.
mishap retweeted
Hypervisors for Memory Introspection and Reverse Engineering by @memn0ps secret.club/2025/06/02/hyper…
mishap retweeted
4 May 2025
Unlock forbidden Windows knowledge! 🤫💻 Find the PEB through truly undetected means and pop calculator 💥 The non-golf form will be available below 👇 #redteamtips #windowsinternals #rust
mishap retweeted
If you update WinDbg today (1.2504.15001.0), you might notice another icon in the View tab of the ribbon, one called "Parallel Stacks". While incredibly useful in its own right, this isn't just a parallel stacks view. It's the introduction of graph visualization for extensions!
mishap retweeted
15 Sep 2024
We need less tech e-journals / “tech news curators” with incompetent owners/writers. It’s on par with the drivel and saturation of Podcasts these days. Where in this did Microsoft say they are removing kernel access for 3rd parties? Where in their official statement? Their correspondence indicates that they want to reduce the need to run something in the kernel. They haven’t committed to this permanent removal of kernel access for third-party solutions like anti-cheats.
9 Sep 2024
🚨💻 Tired of C being "old-fashioned"? Spice it up with anonymous functions using this λ-macro hack! Say hello to cleaner, smarter code in pure C! 🎯 #redteamtips #security #redteam 👀👇
mishap retweeted
how do i remove a child from parent with fork (woah calm down, in unix, not real life)
mishap retweeted
New blog entry: C Unwind Metadata: A Hidden Reverse Engineering Bonanza msreverseengineering.com/blo…
mishap retweeted
I don't think dating apps are for me...
mishap retweeted
Logging into Xitter and seeing thousands upon thousands of people, who have never written a single line of code their entire life and can barely use a computer, giving their expert input into kernel-mode programming