Skip to content

nbqofficial/HideDriver

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 

Repository files navigation

HideDriver ( Direct kernel object manipulation )

Using DKOM to hide kernel mode drivers.

HideDriver() function changes flink and blink pointers of previous and next process in the process list to point around our Driver process. This makes our Driver vanish in programs like DriverView because those programs enumerate process list in which our Driver process has been snipped out.

This could be incredibly useful for someone trying to bypass certain anticheat software to circumvent security when programming a rootkit-like software.

Everything you need is provided in the project. For driver development you need Visual Studio 2015 Professional with WDK and SDK installed.

About

Using DKOM to hide kernel mode drivers

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages