B13

I'm dropping MemReaper today. It's a live memory forensics and payload extraction tool I wrote in C++ (ImGui/DX11).
Instead of just dumping raw bytes and hoping for the best, MemReaper extracts the payload directly from live memory and reconstructs the IAT on the fly.
⚙️ Core Features & Tech Breakdown
Scylla-Killer (Auto IAT Rebuilder): Rebuilds the Import Address Table directly from RAM. It sanitizes the DataDirectory (clears BaseReloc and Bound Imports) and fixes Raw/Virtual sizes. If the protector uses header stomping (e.g., wiping the DOS/NT headers in memory), MemReaper dynamically pulls the original headers from the physical file on disk and stitches them back onto the memory-dumped payload.
Live Memory Foraging: Scans MEM_COMMIT regions using VirtualQueryEx. It actively hunts for unlinked/hidden modules (orphaned MZ signatures) and raw shellcode cavities. If it finds a mapped region with suspicious execution traits but no valid header, it dumps the raw .bin and automatically extracts strings for quick analysis.
EDR Hook Restoration (Lazarus Engine): Checks ntdll.dll for 0xE9 (JMP) or 0xC3 (RET) inline hooks on critical syscalls (NtReadVirtualMemory, NtProtectVirtualMemory, EtwEventWrite, etc.). If it detects that the APIs are blinded, it reads the clean bytes and forces a restore via VirtualProtectEx to bypass user-land telemetry.
Rogue Thread & Hollowing Detection: Uses undocumented NTDLL APIs (NtQueryInformationThread -> ThreadQuerySetWin32StartAddress) to spot threads running from unbacked memory (bypassing EnumProcessModules). It also flags process hollowing by tracking child PID spawning anomalies.
Built-in Hex Dump: A fast, interactive Hex/ASCII viewer for live memory addresses and dumped .bin files directly in the UI.
🚀 Quick Usage
Run MemReaper.exe as Admin (strictly required for ReadProcessMemory / VirtualQueryEx).
Click BROWSE FILE to select your target (.exe or .dll).
Check the Static Profile (Imphash, Packer Score, anomalies).
Click REAP TARGET (SUSPENDED) to spawn the process frozen.
Hit RESUME to let the packer do its unpacking job in RAM.
Once unpacked, click BUILD FINAL EXE to dump the clean, IAT-fixed executable.
📸 Screenshots



Enjoy the tool, and let me know if you run into any bugs or have feature requests!
[Hidden Content]

If you regularly work with long context windows on AI platforms, you are likely familiar with the UI lag and high RAM consumption that occurs as the conversation grows. This is primarily caused by DOM bloat—the browser struggling to render and keep thousands of text nodes and complex HTML elements in active memory simultaneously.
I developed ChatBoost Pro as a lightweight client-side solution to tackle this rendering bottleneck. This tool is currently exclusive to our VIP members.
⚙️ How It Works (Technical Overview)
Instead of relying on heavy MutationObserver scripts that cause CPU spikes during text generation, ChatBoost Pro uses a highly optimized, low-frequency interval engine (1.5s tick rate).
It continuously calculates the getBoundingClientRect() of message nodes. Elements that are pushed far above the viewport are dynamically dynamically stripped of their rendering priority (opacity: 0.01). This forces the browser's engine to drop them from active GPU/paint memory while strictly preserving the scrollbar height and page structure.
📌 Core Features:
Multi-Model Selectors: Native support for the specific DOM structures of ChatGPT (data-message-author-role), Gemini (user-query, model-response), Claude (.font-user-message), and DeepSeek (.ds-markdown).
Zero-Lag Engine: The optimization runs silently in the background without interrupting the AI's real-time text generation.
Smart Search Mode: Hooked directly into the browser's native search shortcut. Pressing Ctrl + F (or Cmd + F) instantly restores full visibility to all pruned nodes, allowing seamless text searching.
Clean Text Export: A built-in parser that extracts raw conversation text (ignoring hidden DOM clutter) and exports it directly as a .txt file.

📥 Installation Instructions (Manual Load):
Since this is an unpacked VIP release, please follow these standard developer installation steps:
Download the attached .zip file (RAR PW: decodehub.org) - and extract it to a folder on your computer.
Open your browser and navigate to chrome://extensions/ - FireFox: about:addons
Enable "Developer mode" in the top right corner.
Click the "Load unpacked" button and select the folder you just extracted.
You will see a green "⚡ Engine Active" notification when you open any supported AI platform.
Note: The code has been obfuscated for security purposes, but it operates entirely locally. No external APIs, no analytics, no data collection.
Enjoy the smooth workflow! Let me know if you encounter any bugs or DOM selector changes in future AI platform updates.