Bypasses for Windows kernel callbacks PatchGuard protection

Overview
You might also like...
NetHunter Kernel for the OnePlus 7 Series based on DragonHeart Kernel

Linux kernel ============ This file was moved to Documentation/admin-guide/README.rst Please notice that there are several guides for kernel develop

a unix inspired, non posix compliant micro kernel (more of a monolithic kernel for now though) that i am working on in my spare time

toy-kernel a unix inspired, non posix compliant micro kernel (more of a monolithic kernel for now though) that i am working on in my spare time prereq

A kernel module that patches Linux kernel "on-the-fly" to skip TASK_RSS_EVENTS_THRESH check in check_sync_rss_stat

split-rss-counting-patch A kernel module that patches Linux kernel "on-the-fly" to skip TASK_RSS_EVENTS_THRESH check in check_sync_rss_stat. Why? Read

A library to develop kernel level Windows payloads for post HVCI era

x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration

anycall x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration Read: https://www.godeye.club/2021/05/14/0

A kernel level driver for Windows built to configure the Blue Screen Of Death

BSODConfigure A kernel level driver for Windows built to configure the Blue Screen Of Death. Go see the writeup at https://www.phasetw0.com/configurin

x64 Windows kernel driver mapper, inject unsigned driver using anycall

anymapper x64 Windows kernel driver mapper, inject unsigned driver using anycall This project is WIP. Todo Fix: Can't make API calls from IAT nor func

Windows kernel-mode driver emulating well-known USB game controllers.

Windows Subsystem for Android(tm) Kernel source | 5.10 | x86_64

How do I submit patches to Android Common Kernels BEST: Make all of your changes to upstream Linux. If appropriate, backport to the stable releases. T

Comments
  • Godeye

    Hi Kento,

    I just figured out that your blog closed, is there any chance that you could send me your articles so I can read them again? I'd really appreciate it, thank you!

    opened by ghost 0
Owner
Kento Oki
A loadlibrary injector for the game Splitgate that fully bypasses their EQU8 anti-cheat implementation.

splitgate-load-library-injector A loadlibrary injector for the game Splitgate that fully bypasses their EQU8 anti-cheat implementation. Information Th

Hinnie 8 Oct 3, 2022
A LoadLibrary injector for CS:GO that automatically bypasses Trusted Mode by disabling various Win32 function hooks.

TrustedInjector This is a LoadLibrary injector for Counter-Strike: Global Offensive. Information It automatically bypasses trusted mode by removing ho

Brandon 18 Sep 12, 2022
Real Time, High performance BOT detection and protection

REAL-TIME BOT PROTECTION CHALLENGE IronFox https://innovera.ir IronFox is a real-time and high performance bot protection, that using Nginx as a reve

Khalegh Salehi 3 Jun 5, 2022
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents

Shellcode Fluctuation PoC A PoC implementation for another in-memory evasion technique that cyclically encrypts and decrypts shellcode's contents t

Mariusz Banach 603 Nov 26, 2022
Blumentals Program Protector v4.x anti protection toolkit

VeNoM A Blumentals Program Protector v4.x anti protection toolkit. Reverse engineering proof-of-concept code. Screenshot & demo venomdemo.mp4 Usage Th

Aleksandar 3 Jan 10, 2022
Blumentals Program Protector v4.x protection bypass.

cphookLoader64 A Blumentals Program Protector v4.x protection bypass implemented as a memory loader. Screenshot & demo cphookloader64demo.mp4 Overview

Aleksandar 4 Jan 23, 2022
Windows kernel information leakage POCs on Windows 10 RS1+

This repository covers various techniques and methods I write while conducting research into infoleaks, these are for leaking various Windows kernel a

null 3 Nov 13, 2022
Implements a Windows service (in a DLL) that removes the rounded corners for windows in Windows 11

ep_dwm Implements a Windows service that removes the rounded corners for windows in Windows 11. Tested on Windows 11 build 22000.434. Pre-compiled bin

Valentin-Gabriel Radu 22 Nov 14, 2022
Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.

CosMapper Loads a signed kernel driver (signed with leaked cert) which allows you to map any driver to kernel mode without any traces of the signed /

null 153 Nov 19, 2022
A kernel module to provide /system/xbin/su to Android Kernel (especially to WSA)

WSA-Kernel-SU Intro This is a kernel module to provide /system/xbin/su to Android Kernel (especially to WSA). Only works on 4.17+ kernel. For older ke

LSPosed 153 Nov 16, 2022