Leksa667 / Vulnerable-Driver-Manual-MapperLinks
This repository contains C++ code to load custom drivers by exploiting a vulnerable driver in Windows. This project demonstrates a technique to bypass DSE (Driver Signature Enforcement) and PatchGuard using a vulnerable driver, and to load a custom driver. It serves as a proof of concept for security research purposes.
☆13Updated last month
Alternatives and similar repositories for Vulnerable-Driver-Manual-Mapper
Users that are interested in Vulnerable-Driver-Manual-Mapper are comparing it to the libraries listed below
Sorting:
- manual map unsigned driver over signed memory☆201Updated last year
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆34Updated last year
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆72Updated 2 years ago
- Kernel<->Usermode shared memory communcation using manually mapped driver☆23Updated 3 years ago
- This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…☆60Updated 11 months ago
- A simple tool to assemble shellcode ready to be copy-pasted into code☆68Updated 3 years ago
- ☆155Updated last year
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆96Updated 2 years ago
- DSE & PG bypass via BYOVD attack☆62Updated 2 months ago
- ntoskrnl .data hooks for UM-KM communication☆51Updated last year
- ☆46Updated 7 months ago
- Experiment with PAGE_GUARD protection to hide memory from other processes☆49Updated last year
- ☆80Updated last year
- browse microsoft driver server for potentially vulnerable drivers☆22Updated last year
- Kernel Level NMI Callback Blocker☆119Updated last year
- Translate virtual addresses to physical addresses from usermode.☆48Updated last year
- nmi stackwalking + module verification☆130Updated last year
- A Kernel Driver that can be used for a cheat or malware base to circumvent common cache & structure table checks. PsLoadedModuleList howe…☆161Updated 11 months ago
- TS-Changer - Forces the machine in/out of TestSigning Mode at runtime.☆64Updated 2 years ago
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆171Updated 2 years ago
- Use RTCore64 to map your driver on windows 11.☆130Updated 4 months ago
- Dumping processes using a kernel-mode driver.☆19Updated 3 years ago
- My EAC & BE Rady CR3 Reading & Writing source that I use for my KM Drivers.☆73Updated last year
- IoCreateDriver Implementation, it can be handful if you're trying to bypass anticheats☆100Updated 4 months ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆135Updated last year
- load unsigned kernel-driver by patching dse in 248 lines☆134Updated last year
- driver manual mapper powered by https://github.com/estimated1337/lenovo_exec☆112Updated 2 years ago
- POC Windows kernel driver that spoofs threads for NMI callbacks on x86-64.☆23Updated 5 months ago
- ☆60Updated 2 years ago
- An advanced DKOM for drivers with "DRIVER_OBJECT"☆20Updated 2 years ago