ENV's repositories
PdFwKrnlMapper
An Unsigned Driver Mapper for Windows 10 22H2 -> Windows 11 23H2 that uses PdFwKrnl to exploit the Read/Write IOCTL Calls to disable DSE & PG to map the unsigned driver.
64KernelDriverCleaner
A Kernel Driver that can be used for a cheat or malware base to circumvent common cache & structure table checks. PsLoadedModuleList however requires a PG Bypass on (Some) Machines > 22H2 Win10, Not Win 11
EACBypass-CR3ReadyDrv
This is my EAC Bypass (Setup) Driver that offers an undetected communication and callback handler/hooking system through IOCTL.
BEKernelDriverUpdated
This is a repo of my previous BEKernelDriver but updated to add better protections and a more detailed setup. also with a good bit of code cleanup.
NmiCallbackBlocker
Kernel Level NMI Callback Blocker
BEKernelDriver
An Undetected BE Kernel Driver I developed, Will probably be detected upon releasing this but can be made undetected very easily. Does not work for EAC as there is no CR3 Fixing/Patching/Restore along with no APC/Stackwalk Protections/KE.
KernelDriverkSockets
A simple kernel driver for R/W Using kSockets with some bypass implementation overall I wouldn't say its "ud"
EAC-CR3Bypass
My EAC & BE Rady CR3 Reading & Writing source that I use for my KM Drivers.
EfiGuardUsermodeLoader
This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumping using Bytes.
NMICallbackBlocker2
This is a POC Test project for INTEL CPUs on blocking NMI Entries through the IDT Handler.
KRNLDriver
My personal / private P2C Project undetected for 8- Months Straight leaked & resold so I am publishing it to piss them off.
SilentFunctionCaller
Allows for same-file KernelMode function execution using Encrypted addresses of Functions
HookDumper
WinAPI Hooking tool that can dump data written to processes or to files through IO.
CS2SnapTap-Bypass
This is just a personal SnapTap Project for CS2 I made in python to get past the recent VAC 3.0 SnapTap & SOCD Detections
CapWareVal-Medusa
CapWare / Medusa Valorant Source + Driver
eprocess-dkom-unlinking
EPROCESS Unlinking example in "C" using DKOM Manipulation
ManipulateFileAttributes
A Driver to Manipulate Executable Attributes such as CreationTime, LastAccessTime, LastWriteTime, ChangeTime
UniversalViewMatrixFinder
This is my own take on a ViewMatrix finder universally for every game! all you have to change is setting a cord of the player or auto set cords through memory and select player pos on screen then go through it all!
EngineWatch
EngineWatch source is a bot for discord that scans files sent by users in your server, It will Download and scan the files through (VirusTotal) with over 73 Anti-Virus Engines using the Virus-Total API, As well as including Md5 Scanning and Hash Scanning.
FileSoundEncoder
A Python script to encode and encrypt files into an audible sound file that can be decoded/decrypted back to its original file.
QueryBtcScript
A BTC/Bitecoin brute forcing script & server host for PostgreSQL Bitcoin Db
UEFIPayloadInterfaceRW
This is a base using PlyClaw UEFI Payload Exploit to create an NTOSKRNL UEFI Interface to execute kernel based functions