Skip to content

gmh5225/CallMeWin32kDriver

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
CallMeWin32kDriver
CallMeWin32kDriver
 
 
win32kbro
win32kbro
 
 
.clang-format
.clang-format
 
 
CallMeWin32kDriver.sln
CallMeWin32kDriver.sln
 
 
README.md
README.md
 
 
license
license
 
 

Repository files navigation

CallMeWin32kDriver

Load your driver like win32k.sys

Q`NXJ7G@89G@K)6~5H8JA@6

~MF %CSVW(FCL8H1G4UJ@6Y

Motivation

This feature was analyzed from a certain PUBG cheat driver.

What it can do?

  • Protection against direct dump by Anti-Rootkit tools
  • Bypass MmCopyMemory
  • Hide world does not trigger PG

How to detect?

  • Attach a GUI process before using MmCopyMemory

Compile

  • Visual Studio 2022 & WDK10
  • llvm-msvc [link]

Some discussions on UnknownCheats

https://www.unknowncheats.me/forum/anti-cheat-bypass/511107-load-driver-win32k-sys.html

About

Load your driver like win32k.sys

www.unknowncheats.me/forum/anti-cheat-bypass/511107-load-driver-win32k-sys.html

Topics

game windows hack rootkit driver cheat anticheat dump hide anti pubg win32k llvm-msvc mmcopymemory psloadedmodulelist

Resources

Readme

License

MIT license
Activity

Stars

247 stars

Watchers

8 watching

Forks

72 forks
Report repository

Packages

No packages published

Languages