diff --git a/buffer_dump.dll b/buffer_dump.dll
new file mode 100644
index 0000000..0d84fa3
Binary files /dev/null and b/buffer_dump.dll differ
diff --git a/buffer_dump.i64 b/buffer_dump.i64
new file mode 100644
index 0000000..9bb8bbe
Binary files /dev/null and b/buffer_dump.i64 differ
diff --git a/driver.sys b/driver.sys
new file mode 100644
index 0000000..b27e2bf
Binary files /dev/null and b/driver.sys differ
diff --git a/driver.sys.i64 b/driver.sys.i64
new file mode 100644
index 0000000..a4e5e7d
Binary files /dev/null and b/driver.sys.i64 differ
diff --git a/ida_pages/ioctl_hook_setup.html b/ida_pages/ioctl_hook_setup.html
new file mode 100644
index 0000000..dfdc3dd
--- /dev/null
+++ b/ida_pages/ioctl_hook_setup.html
@@ -0,0 +1,71 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>IDA - driver.sys.i64 (driver.sys) C:\Users\xerox\Desktop\amlegit.com\driver.sys.i64</title>
+</head>
+<body bgcolor="#ffffff">
+<span style="white-space: pre; font-family: Consolas; color: blue; background: #ffffff">
+
+<span style="color:gray">__int64 __fastcall ioctl_hook_setup(__int64 DRIVER_OBJECT)
+</span><span style="color:navy">{
+  </span><span style="color:gray">// [COLLAPSED LOCAL DECLARATIONS. PRESS KEYPAD CTRL-&quot;+&quot; TO EXPAND]
+
+  </span><span style="color:#8080ff">device_name </span><span style="color:navy">= (</span><span style="color:gray">const UNICODE_STRING *</span><span style="color:navy">)(</span><span style="color:#8080ff">DRIVER_OBJECT </span><span style="color:navy">+ 0x38);
+  </span><span style="color:#8080ff">pdriver_object </span><span style="color:navy">= (</span><span style="color:gray">struct _DRIVER_OBJECT *</span><span style="color:navy">)</span><span style="color:#8080ff">DRIVER_OBJECT</span><span style="color:navy">;
+  </span>debug_with_prefix<span style="color:navy">((</span><span style="color:gray">__int64</span><span style="color:navy">)&quot;</span><span style="color:green">Going to %wZ @ 0x%p\n&quot;</span><span style="color:navy">, </span><span style="color:#8080ff">DRIVER_OBJECT </span><span style="color:navy">+ 0x38, </span><span style="color:#8080ff">DRIVER_OBJECT</span><span style="color:navy">);
+  if ( !</span><span style="color:#8080ff">pdriver_object</span><span style="color:navy">-&gt;DeviceObject )
+  {
+    </span><span style="color:#8080ff">register_result </span><span style="color:navy">= </span>register_device<span style="color:navy">(</span><span style="color:#8080ff">pdriver_object</span><span style="color:navy">, (</span><span style="color:gray">PDEVICE_OBJECT *</span><span style="color:navy">)&amp;</span>qword_140006180<span style="color:navy">);
+    if ( (</span><span style="color:#8080ff">register_result &amp; </span><span style="color:navy">0xC0000000) == 0xC0000000 )
+    {
+      </span>debug_with_prefix<span style="color:navy">((</span><span style="color:gray">__int64</span><span style="color:navy">)&quot;</span><span style="color:green">Failed to create Device!\n&quot;</span><span style="color:navy">);
+      return </span><span style="color:#8080ff">register_result</span><span style="color:navy">;
+    </span><span style="background:#8080ff"></span><span style="color:navy">}
+    </span><span style="color:#8080ff">v5 </span><span style="color:navy">= 1;
+    goto LABEL_11;
+  </span><span style="background:navy"></span><span style="color:navy">}
+  if ( !</span><span style="color:#ff00ff">ObQueryNameInfo</span><span style="color:navy">() )
+  {
+    </span><span style="color:#8080ff">print_string </span><span style="color:navy">= &quot;</span><span style="color:green">Unnamed device. Skipping.\n&quot;</span><span style="color:navy">;
+LABEL_7:
+    </span>debug_with_prefix<span style="color:navy">((</span><span style="color:gray">__int64</span><span style="color:navy">)</span><span style="color:#8080ff">print_string</span><span style="color:navy">);
+    return 0xC0000002i64;                       </span><span style="color:green">// STATUS_NOT_IMPLEMENTED
+  </span><span style="background:navy"></span><span style="color:navy">}
+  </span><span style="color:#ff00ff">RtlInitUnicodeString</span><span style="color:navy">(&amp;</span><span style="color:#8080ff">gpu_energy_drv_str</span><span style="color:navy">, </span><span style="color:#8080ff">L&quot;</span><span style="color:green">\\Driver\\GpuEnergyDrv&quot;</span><span style="color:navy">);
+  if ( !</span><span style="color:#ff00ff">RtlEqualUnicodeString</span><span style="color:navy">(&amp;</span><span style="color:#8080ff">gpu_energy_drv_str</span><span style="color:navy">, </span><span style="color:#8080ff">device_name</span><span style="color:navy">, 0) )
+  {
+    </span><span style="color:#8080ff">print_string </span><span style="color:navy">= &quot;</span><span style="color:green">Not our target driver. Skipping.\n&quot;</span><span style="color:navy">;
+    goto LABEL_7;
+  </span><span style="background:navy"></span><span style="color:navy">}
+  </span>original_ioctl <span style="color:navy">= </span>install_ioctl_hook<span style="color:navy">((</span><span style="color:gray">__int64</span><span style="color:navy">)</span><span style="color:#8080ff">pdriver_object</span><span style="color:navy">, (</span><span style="color:gray">__int64</span><span style="color:navy">)</span>ioctl_inline_hook<span style="color:navy">);
+  </span><span style="color:#8080ff">v5 </span><span style="color:navy">= 0;
+LABEL_11:
+  </span>byte_140006188 <span style="color:navy">= </span><span style="color:#8080ff">v5</span><span style="color:navy">;
+  </span>qword_140006180 <span style="color:navy">= (</span><span style="color:gray">__int64</span><span style="color:navy">)</span><span style="color:#8080ff">pdriver_object</span><span style="color:navy">-&gt;DeviceObject;
+  if ( (</span>sub_1400044CC<span style="color:navy">(</span><span style="color:#8080ff">pdriver_object</span><span style="color:navy">-&gt;MajorFunction, </span>qword_1400060A0<span style="color:navy">, 28i64) &amp; 0xC0000000) == 0xC0000000 )
+  {
+    if ( </span>byte_140006188 <span style="color:navy">== 1 )
+      </span>sub_140001544<span style="color:navy">(&amp;</span>qword_140006180<span style="color:navy">);
+    </span>byte_140006188 <span style="color:navy">= 0;
+    </span><span style="color:#8080ff">result </span><span style="color:navy">= 0xC0000305i64;
+  </span><span style="background:navy"></span><span style="color:navy">}
+  else
+  {
+    </span><span style="color:#8080ff">pdriver_object</span><span style="color:navy">-&gt;MajorFunction[0] = (</span><span style="color:gray">PDRIVER_DISPATCH</span><span style="color:navy">)</span>IRP_MJ_CREATE<span style="color:navy">;
+    </span><span style="color:#8080ff">pdriver_object</span><span style="color:navy">-&gt;MajorFunction[2] = (</span><span style="color:gray">PDRIVER_DISPATCH</span><span style="color:navy">)</span>IRP_MJ_CLOSE<span style="color:navy">;
+    </span><span style="color:#8080ff">pdriver_object</span><span style="color:navy">-&gt;MajorFunction[14] = (</span><span style="color:gray">PDRIVER_DISPATCH</span><span style="color:navy">)</span>IOCTL_HOOK_FUNCTION<span style="color:navy">;
+    </span>pdriver_obj <span style="color:navy">= (</span><span style="color:gray">__int64</span><span style="color:navy">)</span><span style="color:#8080ff">pdriver_object</span><span style="color:navy">;
+    if ( (</span><span style="color:gray">int</span><span style="color:navy">)</span>sub_140001438<span style="color:navy">(</span>qword_140006180<span style="color:navy">) &lt; 0 )
+      </span>debug_with_prefix<span style="color:navy">((</span><span style="color:gray">__int64</span><span style="color:navy">)&quot;</span><span style="color:green">Failed to create symlink\n&quot;</span><span style="color:navy">);
+    if ( </span><span style="color:#8080ff">pdriver_object</span><span style="color:navy">-&gt;DriverUnload )
+    {
+      </span>driver_unload_orig <span style="color:navy">= (</span><span style="color:gray">__int64</span><span style="color:navy">)</span><span style="color:#8080ff">pdriver_object</span><span style="color:navy">-&gt;DriverUnload;
+      </span><span style="color:#8080ff">pdriver_object</span><span style="color:navy">-&gt;DriverUnload = (</span><span style="color:gray">PDRIVER_UNLOAD</span><span style="color:navy">)</span>new_driver_unload<span style="color:navy">;
+    </span><span style="background:blue"></span><span style="color:navy">}
+    </span>debug_with_prefix<span style="color:navy">((</span><span style="color:gray">__int64</span><span style="color:navy">)&quot;</span><span style="color:green">Successfully hooked %wZ @ 0x%p\n&quot;</span><span style="color:navy">, </span><span style="color:#8080ff">device_name</span><span style="color:navy">, </span><span style="color:#8080ff">pdriver_object</span><span style="color:navy">);
+    </span><span style="color:#8080ff">result </span><span style="color:navy">= 0i64;
+  </span><span style="background:navy"></span><span style="color:navy">}
+  return </span><span style="color:#8080ff">result</span><span style="color:navy">;
+</span><span style="background:#8080ff"></span><span style="color:navy">}
+</span></body></html>
diff --git a/images/amlegit_diagram.png b/images/amlegit_diagram.png
new file mode 100644
index 0000000..34bc792
Binary files /dev/null and b/images/amlegit_diagram.png differ
diff --git a/images/ioctl_hook_driver.png b/images/ioctl_hook_driver.png
new file mode 100644
index 0000000..5a72b4b
Binary files /dev/null and b/images/ioctl_hook_driver.png differ
diff --git a/images/lapex_imports.png b/images/lapex_imports.png
new file mode 100644
index 0000000..10415a7
Binary files /dev/null and b/images/lapex_imports.png differ
diff --git a/images/nsiproxy_paste.PNG b/images/nsiproxy_paste.PNG
new file mode 100644
index 0000000..aa6155b
Binary files /dev/null and b/images/nsiproxy_paste.PNG differ
diff --git a/images/spoofer_paste.png b/images/spoofer_paste.png
new file mode 100644
index 0000000..39b0537
Binary files /dev/null and b/images/spoofer_paste.png differ
diff --git a/inject_dump.dll b/inject_dump.dll
new file mode 100644
index 0000000..6443d49
Binary files /dev/null and b/inject_dump.dll differ
diff --git a/inject_dump.i64 b/inject_dump.i64
new file mode 100644
index 0000000..298dce3
Binary files /dev/null and b/inject_dump.i64 differ
diff --git a/lapex.dll b/lapex.dll
new file mode 100644
index 0000000..80105b0
Binary files /dev/null and b/lapex.dll differ
diff --git a/lapex.dll.i64 b/lapex.dll.i64
new file mode 100644
index 0000000..614cd8f
Binary files /dev/null and b/lapex.dll.i64 differ
diff --git a/llauncher_dump.exe b/llauncher_dump.exe
new file mode 100644
index 0000000..02f1ea5
Binary files /dev/null and b/llauncher_dump.exe differ
diff --git a/llauncher_dump.i64 b/llauncher_dump.i64
new file mode 100644
index 0000000..d5a724a
Binary files /dev/null and b/llauncher_dump.i64 differ
diff --git a/mmap_dump.dll b/mmap_dump.dll
new file mode 100644
index 0000000..76b0958
Binary files /dev/null and b/mmap_dump.dll differ
diff --git a/mmap_dump.i64 b/mmap_dump.i64
new file mode 100644
index 0000000..bf52110
Binary files /dev/null and b/mmap_dump.i64 differ