deadash / s4killer

BYOVD process killer

Home Page: https://antonioparata.blogspot.com/2024/02/exploiting-vulnerable-minifilter-driver.html

s4killer - BYOVD process killer

This is the source code associated with my blog post on exploiting the probmon.sys Minifilter driver in order to create a process killer.

Link: https://antonioparata.blogspot.com/2024/02/exploiting-vulnerable-minifilter-driver.html

Demo video (in Italian): https://www.youtube.com/watch?v=I4joF2sQWHU where MsMpEng.exe is terminated (at 20:40)

Build

Run cargo build --release in the root directory. The binary will be in target\release\s4killer.exe

Usage

s4killer.exe <PID or PROGRAM>

e.g. s4killer.exe notepad.exe