SamuelTulach/SecureFakePkg external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

SamuelTulach/SecureFakePkg

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/SamuelTulach/SecureFakePkg)

Close

SamuelTulach / SecureFakePkgView on GitHubMore

• External links
• Readme badge

Simple EFI runtime driver that hooks GetVariable function and returns data expected by Windows to make it think that it's running with secure boot enabled (faking secure boot)

☆220Oct 1, 2021Updated 4 years ago

Alternatives and similar repositories for SecureFakePkg

Users that are interested in SecureFakePkg are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• SamuelTulach / PwnedBoot

  View on GitHub
  Using Windows' own bootloader as a shim to bypass Secure Boot
  ☆240Jul 17, 2024Updated last year
• SamuelTulach / PatchBoot

  View on GitHub
  Guide for patching AMI Aptio V UEFI firmware to circumvent Secure Boot checks
  ☆140Jun 20, 2024Updated last year
• KANKOSHEV / Detect-MouseClassServiceCallback

  View on GitHub
  mouseclassservicecallback detection via hook
  ☆54Feb 7, 2022Updated 4 years ago
• jonomango / nohv

  View on GitHub
  Kernel driver for detecting Intel VT-x hypervisors.
  ☆202Jul 11, 2023Updated 2 years ago
• muturikaranja / AfdIrpCallDispatch

  View on GitHub
  Just another .data pointer hook. This time it's hooking AfdIrpCallDispatch within Afd.sys
  ☆12Feb 22, 2022Updated 4 years ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• SamuelTulach / efi-memory

  View on GitHub
  PoC EFI runtime driver for memory r/w & kdmapper fork
  ☆579Nov 30, 2024Updated last year
• 0xf1a / DSMM

  View on GitHub
  Discarded Section Manual Map
  ☆68Jun 18, 2020Updated 5 years ago
• armvirus / SinMapper

  View on GitHub
  usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to …
  ☆489Jan 3, 2022Updated 4 years ago
• ekknod / sumap

  View on GitHub
  manually map driver for a signed driver memory space
  ☆179Mar 11, 2021Updated 5 years ago
• SamuelTulach / memhv

  View on GitHub
  Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities
  ☆409Feb 26, 2025Updated last year
• ekknod / Nmi

  View on GitHub
  Old way for blocking NMI interrupts
  ☆29Sep 6, 2022Updated 3 years ago
• thesecretclub / callout-poc

  View on GitHub
  ☆143Jan 13, 2021Updated 5 years ago
• KANKOSHEV / Detect-KeAttachProcess

  View on GitHub
  Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.
  ☆119Feb 8, 2022Updated 4 years ago
• jonomango / superfetch

  View on GitHub
  Translate virtual addresses to physical addresses from usermode.
  ☆126Jun 7, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• SamuelTulach / rainbow

  View on GitHub
  Hide SMBIOS/disk/NIC serials from EFI bootkit
  ☆331May 14, 2021Updated 5 years ago
• SamuelTulach / negativespoofer

  View on GitHub
  PoC HWID spoofer that runs in EFI
  ☆348Dec 26, 2024Updated last year
• SamuelTulach / tpm-spoofer

  View on GitHub
  Simple proof of concept kernel mode driver hooking tpm.sys dispatch to randomize any public key reads
  ☆245Dec 16, 2023Updated 2 years ago
• VollRagm / lpmapper

  View on GitHub
  A mapper that maps shellcode into loaded large page drivers
  ☆356Apr 26, 2022Updated 4 years ago
• gmh5225 / CallMeWin32kDriver

  View on GitHub
  Load your driver like win32k.sys
  ☆257Aug 20, 2022Updated 3 years ago
• boom-cr3 / Shared-FlushFileBuffers-Communication

  View on GitHub
  Cool kernel communication method.
  ☆99Jun 27, 2021Updated 4 years ago
• waryas / KACE

  View on GitHub
  Emulate Drivers in RING3 with self context mapping or unicorn
  ☆367Aug 18, 2022Updated 3 years ago
• EBalloon / MapPage

  View on GitHub
  Mapping your code on a 0x1000 size page
  ☆71May 20, 2022Updated 4 years ago
• muturikaranja / kernel-windowless-wndproc-hook

  View on GitHub
  hooks gServerHandlers xxxEventWndProc
  ☆13May 1, 2022Updated 4 years ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• Xyrem / Yumekage

  View on GitHub
  Demo proof of concept for shadow regions, and implementation of HyperDeceit.
  ☆319May 31, 2023Updated 2 years ago
• 1401199262 / Hook-KdTrap

  View on GitHub
  ☆228Mar 11, 2023Updated 3 years ago
• kkent030315 / PageTableInjection

  View on GitHub
  Code Injection, Inject malicious payload via pagetables pml4.
  ☆244Jul 7, 2021Updated 4 years ago
• Sinclairq / DataCommunication

  View on GitHub
  A kernelmode driver swapping a .data pointer in the kernel to perform communication between the kernel and usermode.
  ☆137Oct 20, 2020Updated 5 years ago
• irql / nokd

  View on GitHub
  reverse engineering of the windows nt kernel debugger protocol & reimplementation.
  ☆38Jul 2, 2024Updated last year
• huoji120 / mash_hypervisor

  View on GitHub
  mash hypervisor host pml4
  ☆17Jun 22, 2022Updated 3 years ago
• ekknod / smm

  View on GitHub
  alternative smm driver for ryzen motherboards
  ☆196Oct 12, 2024Updated last year
• Sinclairq / hierarchy-eac

  View on GitHub
  Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy
  ☆82Oct 6, 2022Updated 3 years ago
• btbd / ddma

  View on GitHub
  Disks for DMA
  ☆153Apr 28, 2021Updated 5 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆270Aug 31, 2022Updated 3 years ago
• armasm / EasyAntiPatchGuard

  View on GitHub
  Easy Anti PatchGuard
  ☆221Apr 9, 2021Updated 5 years ago
• thesecretclub / window_hijack

  View on GitHub
  Rendering on external windows via hijacking thread contexts
  ☆404Jun 28, 2020Updated 5 years ago
• ajkhoury / Errata1337

  View on GitHub
  ☆69Dec 17, 2020Updated 5 years ago
• kkent030315 / CiGetCertPublisherName

  View on GitHub
  An example code of CiGetCertPublisherName
  ☆16Mar 24, 2022Updated 4 years ago
• Barracudach / CallStack-Spoofer

  View on GitHub
  This tool will allow you to spoof the return addresses of your functions as well as system functions.
  ☆570Nov 12, 2022Updated 3 years ago
• btbd / umap

  View on GitHub
  UEFI bootkit for driver manual mapping
  ☆595Jan 1, 2024Updated 2 years ago