0mWindyBug / KDP-compatible-driver-loader
KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys
☆117Updated 3 months ago
Related projects: ⓘ
- load unsigned kernel-driver by patching dse in 248 lines☆96Updated 5 months ago
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆140Updated last year
- manual map unsigned driver over signed memory☆152Updated 5 months ago
- Kernel driver for detecting Intel VT-x hypervisors.☆167Updated last year
- base for testing☆146Updated this week
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆111Updated 2 years ago
- Standard Kernel Library for Windows hacking in C++☆57Updated last month
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆91Updated 3 months ago
- ☆145Updated 3 months ago
- nmi stackwalking + module verification☆78Updated 8 months ago
- State of the art DLL injector that took 20 minutes to make☆195Updated last year
- driver manual mapper powered by https://github.com/estimated1337/lenovo_exec☆100Updated last year
- ☆150Updated 4 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆133Updated 2 years ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆260Updated 3 years ago
- Kernel Lazy Importer☆107Updated 5 months ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆108Updated 2 years ago
- A mapper that maps shellcode into loaded large page drivers☆215Updated 2 years ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆100Updated last year
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆69Updated last year
- ☆212Updated last week
- Check your detection vectors☆132Updated last year
- Kernel driver that .text hooks a syscall in dxgkrnl.sys which can be called from our user-mode client to send instructions like rpm/wpm a…☆129Updated last year
- ☆173Updated 2 years ago
- DSE & PG bypass via BYOVD attack☆34Updated 5 months ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆75Updated last year
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆188Updated 3 years ago
- Use RTCore64 to map your driver on windows 11.☆90Updated 5 months ago
- Drawing from kernelmode without any hooks☆154Updated 2 years ago
- Load your driver like win32k.sys☆242Updated 2 years ago