1 Repo
Exploiting signed but vulnerable drivers (Bring Your Own Vulnerable Driver) to gain privileged kernel write access.
Distinct from Offensive Kernel Drivers: Distinct from Offensive Kernel Drivers: focuses specifically on the 'Bring Your Own Vulnerable Driver' pattern to bypass signature enforcement.
Explore 1 awesome GitHub repository matching operating systems & systems programming · BYOVD Exploitation. Refine with filters or upvote what's useful.
kdmapper is a kernel driver mapper and loader designed to deploy unsigned binaries into privileged kernel memory. It functions as a manual mapper that resolves imports and relocations to execute unsigned code in a privileged environment. The tool bypasses driver signature enforcement by leveraging vulnerable signed drivers to gain write access to protected kernel memory regions. It includes a kernel offset resolver that parses debug symbol files to identify correct memory addresses across different operating system builds. To maintain stealth, the project implements driver trace obfuscation
Leverages vulnerable signed drivers to gain write access to protected kernel memory regions.