About Me
I am a developer and reverse engineer based in Estonia. My work is driven by a need to understand the black boxes we interact with every day. Whether it’s a compiled game client or a heavily obfuscated web application, I focus on deconstructing the logic, finding the constraints, and writing software to bypass them.
Binary Analysis & Windows Internals
A lot of my research happens at the assembly level. I learned this by needing to modify running processes to make them behave differently. My project GeforceNowAMD is a direct result of this. I wanted to access the 240fps streaming option on GeForce NOW, which is arbitrarily restricted to specific hardware vendors. To fix this, I had to reverse engineer the running process to locate the specific instruction sets checking the GPU ID.
Once I mapped the internal logic, I wrote a custom DLL to patch the memory at runtime. By hooking the validation functions, I forced the client to accept my hardware as "supported," unlocking the functionality. This project forced me to get very comfortable with memory scanning, function hooking, and the general architecture of Windows processes. I’ve extended this research into finding vulnerabilities in other cloud gaming services, specifically looking for ways to escape the "sandbox" and achieve arbitrary code execution on host machines.
Web Protocol Reverse Engineering
I don't like using slow, browser-based automation tools like Selenium or Puppeteer unless absolutely necessary. I prefer to reverse engineer the underlying API to build lightweight, headless clients.
For projects like PixelPlaceJS and Defly.io, I analyzed the network traffic to understand the custom WebSocket protocols and HTTP endpoints. This often meant diving into WASM blobs or deobfuscating minified JavaScript to find the encryption keys or packet structures. To do this effectively, I often have to deal with heavy obfuscation. I wrote De4Lua specifically because I needed a tool to strip away protection layers from Lua scripts to understand the logic hidden inside. The result is usually a library that can interact with game servers directly—placing pixels or moving entities—without ever rendering a single frame.
Evasion & Fingerprinting
The other half of my work is ensuring that automation remains undetected. When you interact with services programmatically, you are constantly fighting against fraud detection systems. I have spent a significant amount of time studying how these systems identify "bot" behavior versus "human" behavior.
I know how to manipulate TLS fingerprints, canvas data, and audio contexts to make automated requests look legitimate. I work with anti-detect browsers and residential proxies to manage risk scores, ensuring that automated traffic flies under the radar of modern security suites.
Performance Logic
I also work with AI, but strictly for performance. AimAhead was an experiment in creating a computer vision-based aimbot where efficiency was the only metric that mattered. Instead of heavy, bloated models, I focused on low-level optimization to ensure the detection logic could run faster than the game loop itself.
You can check out the source code for my public research on GitHub.