SSDE is a collection of utilities that help in having Windows load your custom signed kernel drivers when Secure Boot is on and you own the system's platform key, instead of using test mode.
☆264Aug 27, 2021Updated 4 years ago
Alternatives and similar repositories for ssde
Users that are interested in ssde are comparing it to the libraries listed below
Sorting:
- Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSi…☆781Jan 22, 2020Updated 6 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆53Sep 12, 2019Updated 6 years ago
- An x64 page table iterator written in C++ as a kernel mode windows driver.☆119May 25, 2021Updated 4 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆268Aug 31, 2022Updated 3 years ago
- partially disable patchguard up to win11 21H2☆19Jun 3, 2024Updated last year
- x64 PE-COFF virtualization driven obfuscation engine☆58Oct 14, 2022Updated 3 years ago
- A wrapper class to hide the original calling address of a function☆54Aug 9, 2020Updated 5 years ago
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆385Jan 29, 2022Updated 4 years ago
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆53Apr 7, 2022Updated 3 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago
- windows rootkit☆60May 2, 2024Updated last year
- ☆26Sep 29, 2022Updated 3 years ago
- KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys☆165Jun 14, 2024Updated last year
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- Using Windows' own bootloader as a shim to bypass Secure Boot☆225Jul 17, 2024Updated last year
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆388Jul 6, 2022Updated 3 years ago
- 关于intel和amd指令行为不一样这件事☆62Apr 15, 2022Updated 3 years ago
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e…☆36Dec 17, 2025Updated 2 months ago
- ☆31Sep 12, 2024Updated last year
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- Disable PatchGuard and Driver Signature Enforcement at boot time☆2,254Aug 3, 2025Updated 6 months ago
- 这篇文章的目的是介绍一款实验性项目基于COM命名管道或者Windows Hyper-V虚拟机Vmbus通道实现的运行在uefi上的windbg调试引擎开发心得☆44Jun 16, 2024Updated last year
- Kernel-Mode extended version of https://github.com/microsoft/Detours☆180Jun 1, 2025Updated 9 months ago
- Standard Kernel Library for Windows manipulation in C++☆199Jun 18, 2025Updated 8 months ago
- A packed & protected Module Loader and more, for 64-bit Windows☆27Mar 5, 2021Updated 4 years ago
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆57May 23, 2022Updated 3 years ago
- usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to …☆470Jan 3, 2022Updated 4 years ago
- Disks for DMA☆141Apr 28, 2021Updated 4 years ago
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…☆379Jun 3, 2023Updated 2 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- ☆29Mar 9, 2024Updated last year
- "Mingw64 Driver Plus Plus": Mingw64, C++, DDK and (EA)STL made easy!☆44Updated this week
- A library to develop kernel level Windows payloads for post HVCI era☆485May 18, 2021Updated 4 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆219Nov 12, 2020Updated 5 years ago
- Anti-Rootkit Tool for Windows☆12Mar 24, 2025Updated 11 months ago
- Windows CIFS/SMB packet generation and SMB networking library☆12Aug 25, 2020Updated 5 years ago
- ☆10Aug 16, 2019Updated 6 years ago
- nmi stackwalking + module verification☆162Dec 28, 2023Updated 2 years ago