0mWindyBug / KDP-compatible-driver-loader
KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys
☆132Updated 5 months ago
Related projects ⓘ
Alternatives and complementary repositories for KDP-compatible-driver-loader
- load unsigned kernel-driver by patching dse in 248 lines☆109Updated 8 months ago
- manual map unsigned driver over signed memory☆183Updated 7 months ago
- Kernel driver for detecting Intel VT-x hypervisors.☆170Updated last year
- Standard Kernel Library for Windows hacking in C++☆89Updated 3 months ago
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆152Updated last year
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆100Updated 5 months ago
- base for testing☆156Updated last month
- ☆89Updated 3 weeks ago
- nmi stackwalking + module verification☆91Updated 10 months ago
- State of the art DLL injector that took 20 minutes to make☆207Updated last year
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆80Updated last year
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆117Updated 3 years ago
- A mapper that maps shellcode into loaded large page drivers☆229Updated 2 years ago
- ☆225Updated 2 months ago
- ☆177Updated 2 years ago
- DSE & PG bypass via BYOVD attack☆37Updated 7 months ago
- driver manual mapper powered by https://github.com/estimated1337/lenovo_exec☆102Updated last year
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆110Updated 2 years ago
- ☆150Updated 6 months ago
- ☆153Updated 5 years ago
- Kernel Lazy Importer☆111Updated 7 months ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆277Updated 3 years ago
- Load your driver like win32k.sys☆246Updated 2 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆136Updated 2 years ago
- Kernel driver that .text hooks a syscall in dxgkrnl.sys which can be called from our user-mode client to send instructions like rpm/wpm a…☆147Updated last year
- Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.☆245Updated last year
- An Unsigned Driver Mapper for Windows 10 22H2 -> Windows 11 23H2 that uses PdFwKrnl to exploit the Read/Write IOCTL Calls to disable DSE …☆77Updated 2 months ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆106Updated last year
- Elevate a process to be a protected process☆142Updated 5 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆201Updated 4 years ago