Comment by ssklash
3 years ago
ReactOS is used in a similar manner for a lot of Windows devs, offensive security, malware devs presumably. Since Windows isn't open source, React is a great resource for seeing how things could/might be done, relevant APIs, etc.
I doubt those serious about it wouldn't just put the actual Windows binaries through a decompiler (they're surprisingly good these days, particularly that free one from the NSA, and Microsoft even publishes the symbols for most of the binaries anyway.) Especially malware and exploits that rely on exact implementation details.