Repository navigation

#

patchguard

Mattiwatti/EfiGuard
Mattiwatti / EfiGuard 

Disable PatchGuard and Driver Signature Enforcement at boot time

patchguardefiUEFIbootkitdriverKernelsigningWindows
C++
2124
2 个月前
can1357 / ByePg 

Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.

patchguardExploitWindowsKernel
C++
895
6 年前
hfiref0x / UPGDSED 

Universal PatchGuard and Driver Signature Enforcement Disable

patchguardkppdseabandonwareC
C
850
7 年前
FiYHer / InfinityHookPro 

InfinityHookPro Win7 -> Win11 latest

hookpatchguardrootkitKerneldriverwin8win10win11
C++
544
3 年前
KiFilterFiberContext / warbird-hook 

Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard

microsoft-warbirdpatchguard
C++
255
3 年前
kkent030315 / NoPatchGuardCallback 

x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code

WindowsKernelpatchguardkpp
C
205
4 年前
NeoMaster831 / kurasagi 

Windows 11 24H2 Runtime PatchGuard Bypass

24h2bypasskpppatchguardpgWindows
C++
190
24 天前
DErDYAST1R / NmiCallbackBlocker 

Kernel Level NMI Callback Blocker

blockerbypasscallbackdriverExploithvcintoskrnlpatchguardProjectundetectedWindows
C++
122
7 天前
zhutingxf / InfinityHookPro 

InfinityHook 支持Win7 到 Win11 最新版本,虚拟机环境及物理机环境

hookpatchguard
C++
88
1 年前
4l3x777 / dse_pg_bypass 

DSE & PG bypass via BYOVD attack

byovddsepatchguardpoc逆向工程
C++
64
3 个月前
i32-Sudo / VulnerablePatchGuardExploit 

A Vulnerable PatchGuard Exploit that can be used to disable PatchGuard on Runtime.

battleyebypassExploitpatchguardpgundetectedworking
C++
15
1 年前
rootkitenthusiast / pg-disabler 

runtime patchguard disabler (win 10 & 11)

Kernelntoskrnlpatchguardwdkwin10
C
12
2 个月前
DErDYAST1R / eprocess-dkom-unlinking 

EPROCESS Unlinking example in "C" using DKOM Manipulation

elinkntoskrnlpatchguardprocessundetected
C++
10
1 年前
gmh5225 / QuickPGTrigger 

The stress testing of your PG bypass [old school project]

pgpatchguard
C++
10
4 年前
ByteWhite1x1 / EDR-bypass-disable-PspNotifyEnableMask 

A single byte modification in the kernel memory bypasses and disables all core functions of the AV/EDR security solutions

bypasspatchguard
C
7
1 个月前
PspExitThread / Kernel-Tools 

Anti-Rootkit

arkanti-rootkit工具debuggerdriverdriversKernelWindowsdsehvcipatchguard
7
7 个月前
sondernextdoor / Kairos 

Kairos is a next-generation, red-team-oriented Windows kernel defense neutralization framework. It combines traditional runtime patching with UEFI persistence, hypervisor-level surveillance, and Secure Kernel deception.

bypassguardinternalsKernelkpppatchpatchguardprotectionWindows
C
5
6 个月前
rootkitenthusiast / patchedguard 

22h2 Windows patchguard runtime disabler.

bypassC++KernelkpppatchguardruntimeWindows
C
4
2 个月前
cedricg-mirror / KDCOM 

Small modifications from BugChecker, build a KDCOM.dll to lure the Windows Kernel into believing that it is beeing debugged to deactivate PatchGuard

patchguard
C++
4
2 个月前
DErDYAST1R / PsLoadedModuleList-Dkom-Unlinking 

PsLoadedModuleList Unlinking through DKOM Manipulation

listmodulentoskrnlpatchguardprocessundetected
4
7 天前