Patches the call instruction at kernelbase!VirtualAlloc+0x41 by placing legitimate NTAPI stub at the same address and moving the rest of the function down 8 bytes (stub size).
The RIP relative offset for call QWORD PTR ds:[&ZwAllocateVirtualMemory] is recalculated and the pointer to the NTAPI call is patched to always land at syscall instruction, effectively skipping over installed trampolines.
Stack trace of patched call:

[0x0]   ntdll!NtAllocateVirtualMemory + 0x12   
[0x1]   KERNELBASE!VirtualAlloc + 0x4f   [non-standard offset could be potentially a detection vector]
[0x2]   NtAllocateVirtualMemory!main + 0x24e   
[0x3]   NtAllocateVirtualMemory!invoke_main + 0x22   
[0x4]   NtAllocateVirtualMemory!__scrt_common_main_seh + 0x10c   
[0x5]   KERNEL32!BaseThreadInitThunk + 0x14   
[0x6]   ntdll!RtlUserThreadStart + 0x21   

Tested on Win10 x64 21H2 (19044.2728)

Patches the call instruction at kernelbase!SetProcessInformation+0xDB, ... blah, blah, same thing over and over again, you get the picture... in order to set current process as critical.
I took a lazy route with this one, because SetProcessInformation rejects ProcessBreakOnTermination flag, so in this one we're langing straight on top of the fugazi stub in KernelBase.
Since we're skipping all the meal prep that SetProcessInformation does before calling the NTCALL NtSetInformationProcess, we're gonna segfault very soon after returning from NTDLL, which will of course result in a BSOD with stopcode CRITICAL_PROCESS_DIED. The way around this is to patch all the conditional jumps inside SetProcessInformation, before the call takes place, but since the purpose of this is to BSOD anyway, it is literally pointless for me to bother with this.

Tested on Win10 x64 22H2 (19045.2728)
KernelBase.dll version 10.0.19041.2728

Self-explanatory. Offset is KERNELBASE.DLL!WriteProcessMemory+0xB7.
Usage: NtWriteVirtualMemory.exe <pid> <address>

Tested on Win10 x64 21H2 (19044.2846) KernelBase.dll version 10.0.19041.2788