blog

Direct Circular Buffer Injection in mouclass.sys

Injecting mouse input by directly writing to mouclass's internal data queue, bypassing MouseClassServiceCallback and the HID stack entirely.

Jan 21, 2026

Context Manipulation in Claude Code

Claude Code's safety measures depend on local files and conversation context. Both are user-controlled.

Dec 15, 2025

CI.sys Signature Validation Gaps

Zeroing RSA signature bytes in a signed driver. It still loads with Secure Boot and HVCI enabled.

Dec 1, 2025