I am currently trying to learn how to develop in kernel mode and I have been doing the tutorials on YouTube. So far I have found them very useful; however, for some reason I am not able to get the process id of either CSGO(csgo.exe) or TF2(hl2.exe). The attachment below is of a new kernel...
Reverse Injector injects a process into your context so you can read/write a process's memory by dereferencing. The process is now inside of your context, all memory including heap and stack.
This code uses PTM, which uses VDM.
IDontCode / reverse-injector
IDontCode / PTM
IDontCode / VDM
Call kernel functions from usermode using any driver exposing physical memory read/write. This is what physmeme does except it uses map/unmap physical memory and that project was designed to map drivers, this is designed to call kernel functions. It's a library that you can build code on :)...
Map a driver not into the kernel but into usermode! (specifically the current context) (or whatever context you want)! This keeps your driver out of the kernel's paging tables (and thus not globally mapped).
This code inherits from nasa-tables which inherits code from physmeme :) I guess...
Hello, so recently, I have decided to get into the Kernel side of things for my CSGO ESP. I've been following the kernel driver tutorial on this website (guided hacking) to build my kernel driver. Everything seems to be working on my driver side but when trying to connect my driver with my...
In the spirit of dumbass questions (Sorry Rake 🙏 ),
I want to understand better about defeating anti-cheats and game-hacking in kernel mode,
seems as ring0 is probably the strongest tool to bypass anti-cheats.
some background about myself, I'm a full stack developer (So web is my thing)
This is my first simple glow esp.
Kernel mode memory read/writing, cheat working without user mode application.
If u have your own EV code signing, it will work on faceit. (tested)
<How to use?>
1. Build with Release 64bit.
2. "sc create CsgoGOTT binpath=C:\pathtosysfile\CsgoGOTT.sys...
I'd forgotten how much I loved Microsoft's shitty dependency hell, so it took me literally 4 hours to get the WDK and DDK installed. Long story short, SimpleVisor will build fine in vs2019 but by default it'll use DDK 10.0 and you need to manually change this to whatever version of DDK you have...
EQU8 is a relatively new kernel anticheat used on several games, developed by a company named Int3 Software that has been around since 2016.
Games that use EQU8 Anticheat
Splitgate: Arena Warfare
Hide or Die
Totally Accurate Battlegrounds
The kernel is mapped into every process. (Mapping means its memory is shared in every process). This usermode library allows you to patch the kernel only inside of your process (or another process). This is a pretty advanced PoC and may not work on some Windows versions/CPUs. It works on my Intel...
This is our third kernel tutorial, you will learn how to use MmCopyVirtualMemory which is the kernel equivalent of WriteProcessMemory. This is a 2 part video, this video "Kernel 3" will show you how to set up the kernel driver, the next video will be released shortly after this and show you the...
I've been trying to read process memory with the code below
PKERNEL_READ_REQUEST ReadInput = (PKERNEL_READ_REQUEST)Irp->AssociatedIrp.SystemBuffer;
if (NT_SUCCESS(PsLookupProcessByProcessId(ULongToHandle(0 /* <-- game pid*/), &Process)))...