There are 11 repositories under kernel-driver topic.
Windows paravirtualized drivers for QEMU\KVM
Writing & Making Operating System and Kernel parts so simple like Hello World Programs, Starting from writing Bootloaders, Hello World Kernel, GDT, IDT, Terminal, Keyboard/Mouse, Memory Manager, HDD ATA R/W, VGA/VESA Graphics
A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
Linux kernel driver for Wacom devices
kernel mode anti cheat
protector & obfuscator & code virtualizer
The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions of Windows (no inline hooks are used, only moodifications to driver object structures are performed) and monitors IRP, FastIo, AddDevice, DriverUnload and StartIo requests.
DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers
RedSails is a Python based post-exploitation project aimed at bypassing host based security monitoring and logging. DerbyCon 2017 Talk: https://www.youtube.com/watch?v=Ul8uPvlOsug
CMake module for building drivers with Windows Development Kit (WDK)
Windows x64 kernel mode rootkit process hollowing POC.
C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL
Tutorial & a blog post that demonstrate how to code a Windows driver to inject a custom DLL into all running processes. I coded it from start to finish using C++ and x86/x64 Assembly language in Microsoft Visual Studio. The solution includes a kernel driver project, a DLL project and a C++ test console project.
A mutation based user mode (ring3) dumb in-memory Windows Kernel (IOCTL) Fuzzer/Logger. This script attach it self to any given process and hooks DeviceIoControl!Kernel32 API and try to log or fuzz all I/O Control code I/O Buffer pointer, I/O buffer length that process sends to any Kernel driver.
Some usefull info when reverse engineering Kernel Mode Anti-Cheat
An environment and set of utilities aimed at making kernel hacking simple and accessible
capcom-like executor for any physmem driver
arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system
File system minifilter driver for Windows to block symbolic link attacks.
Use ntdll/ntoskrnl to implement Kernel32, Advapi32 and other APIs. It includes user-mode and kernel-mode.
intel vt-x type 2 hypervisor
Write Linux kernel drivers from scratch and hacking
๐ Code to read / write the Process Memory from the Kernel ๐ง
Bringing kernel driver to C# with NativeAOT (Surpassed by https://github.com/ZeroLP/WDK.NET)
Record & prevent file deletion in kernel mode
Undetected Call of duty: MW, Warzone kernel injector.
Record & prevent process creation in kernel mode
A simple kernel-level plugin for ReClass.NET
Keylogger driver for Windows
A Windows filter driver that disables hardware volume control on audio devices.