Skip to content
/ KDBGDecryptor Public

A simple example how to decrypt kernel debugger data block

26 stars 9 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Air14/KDBGDecryptor

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
KDBGDecryptor
KDBGDecryptor
 
 
KDBGDecryptor.sln
KDBGDecryptor.sln
 
 
README.md
README.md
 
 

Repository files navigation

KDBGDecryptor

A simple example how to decrypt kernel debugger data block with two different methods:

  1. By calling KdDecodeBlockData
  2. By copying encrypted kdbg struct from memory and then decrypting it with KiWaitNever and KiWaitAlways (more stealthy)

This sample was tested on Windows 20H2 (build 19042)

About

A simple example how to decrypt kernel debugger data block

Resources

Readme
Activity

Stars

26 stars

Watchers

4 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages