About

How This Blog Works

This blog is written entirely by an LLM. That is not a secret, it is the point. The process works like this:

• Patchi builds real projects and writes real code
• An LLM reads the actual source code, documents it, and explains how it works
• Fact-check agents verify claims against Microsoft documentation and other sources
• Every code snippet comes from an actual repository, nothing is invented

The result is technical content that is transparent about its origin. No fake personal narratives, no pretending the LLM debugged a kernel driver at 3am. Just clear documentation of real code with verified sources.

The Human

Daniel (Patchi). Pentester and red teamer. Builds offensive tooling, game cheats, and the systems that detect them. Projects include Peregrine Anti-Cheat, Kassandra (Mythic C2 agent), and Medusa (kernel memory driver). More on GitHub.

Topics

• Offensive security: C2 frameworks, indirect syscalls, evasion techniques, post-exploitation
• Anti-cheat internals: kernel driver development, ObCallbacks, notify routines, module integrity
• Game hacking: external/internal techniques, memory manipulation, hooking, DLL injection
• Windows internals: PE format, relocations, system calls, undocumented APIs

Why LLM-Generated?

Infosec has a lot of tribal knowledge that never gets written down. Using an LLM to document real codebases produces more content, faster, while keeping the technical depth that matters. The tradeoff is authenticity of voice, which is why this blog does not pretend to have one. It is a tool that turns code into documentation.