This repo contains a bunch of stuff I've reverse engineered from Windows, and some random Ghidra scripts that were helpful in the process.
The code here is for reference purposes only, to help folks better understand how certain features behave, and save them some work if they want to do more research in the same areas.
I may also add Ghidra databases or other machine-readable dumps of my RE work, but for now I'm focusing on publishing stuff as plaintext C because it shows up in search results that way. The reason I had to do this RE work is because the function names didn't show up when I tried searching. So now I've done the work so you don't have to :)