You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The windows kernel debugger consists of two parts, KMOD which is the kernel driver handling ring3 request and KCLI, the command line interface for the driver. It originated due to insufficient useability with CheatEngine's DBVM driver while debugging games running under certain AntiCheat software.
A Kernel Driver that can be used for a cheat or malware base to circumvent common cache & structure table checks. PsLoadedModuleList however requires a PG Bypass on (Some) Machines > 22H2 Win10, Not Win 11
Changes assembly by adding extra instructions, these instructions don't change the end result of the register. We do this as vac scans for patterns of code, by changing the assembly, we make the pattern scanning harder for the anticheat. This is not a vac bypass, only should be used as a way to bypass the anti cheat whilst using other methods.
DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Security researchers identified this technique which uses a simplified process of DLL hijacking and mock folders to bypass UAC control. I tested this on Windows 10,11 and bypassed Windows 10 UAC security feature.