SSDE is a collection of utilities that help in having Windows load your custom signed kernel drivers when Secure Boot is on and you own the system's platform key, instead of using test mode.
☆265Aug 27, 2021Updated 4 years ago
Alternatives and similar repositories for ssde
Users that are interested in ssde are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSi…☆783Jan 22, 2020Updated 6 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆58Sep 12, 2019Updated 6 years ago
- ☆23May 8, 2023Updated 2 years ago
- x64 PE-COFF virtualization driven obfuscation engine☆58Oct 14, 2022Updated 3 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆271Aug 31, 2022Updated 3 years ago
- An x64 page table iterator written in C++ as a kernel mode windows driver.☆119May 25, 2021Updated 4 years ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆393Jul 6, 2022Updated 3 years ago
- ☆26Sep 29, 2022Updated 3 years ago
- Exploit MsIo vulnerable driver☆129Aug 12, 2021Updated 4 years ago
- ☆31Sep 12, 2024Updated last year
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆387Jan 29, 2022Updated 4 years ago
- A wrapper class to hide the original calling address of a function☆55Aug 9, 2020Updated 5 years ago
- Disable PatchGuard and Driver Signature Enforcement at boot time☆2,329Aug 3, 2025Updated 7 months ago
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- A custom implementation of the Nanomites protection technology for Windows executables (x86 and x64) originally introduced by Silicon Rea…☆36Jan 11, 2026Updated 2 months ago
- KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys☆166Jun 14, 2024Updated last year
- nmi stackwalking + module verification☆165Dec 28, 2023Updated 2 years ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- partially disable patchguard up to win11 21H2☆19Jun 3, 2024Updated last year
- DSE bypass using a leaked cert and adjusting the current clock.☆158Oct 3, 2025Updated 5 months ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆51Jan 15, 2021Updated 5 years ago
- Windows 11 24H2-25H2 Runtime PatchGuard Bypass☆256Nov 4, 2025Updated 4 months ago
- usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to …☆475Jan 3, 2022Updated 4 years ago
- windows rootkit☆60May 2, 2024Updated last year
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…☆380Jun 3, 2023Updated 2 years ago
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆57May 23, 2022Updated 3 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago
- Kernel-Mode extended version of https://github.com/microsoft/Detours☆180Jun 1, 2025Updated 9 months ago
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.☆905Nov 21, 2019Updated 6 years ago
- Windows Kernel API wrapper with simplified functions and enterprise driver extensions.☆33Jul 8, 2025Updated 8 months ago
- An example of Windows NT Native API application and kernel driver☆22Feb 10, 2020Updated 6 years ago
- Kernel Driver Utility☆2,453Feb 17, 2026Updated last month
- Static user/kernel mode library that allows access to all functions and global variables by extracting offsets from the PDB☆118May 29, 2025Updated 9 months ago
- A library to develop kernel level Windows payloads for post HVCI era☆488May 18, 2021Updated 4 years ago
- A packed & protected Module Loader and more, for 64-bit Windows☆27Mar 5, 2021Updated 5 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- 这篇文章的目的是介绍一款实验性项目基于COM命名管道或者Windows Hyper-V虚拟机Vmbus通道实现的运行在uefi上的windbg调试引擎开发心得☆43Jun 16, 2024Updated last year
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆241Nov 6, 2019Updated 6 years ago
- 关于intel和amd指令行为不一样这件事☆62Apr 15, 2022Updated 3 years ago