Mirrors/wavestone-cdt-edrsandblast
1
0
Fork 0
mirror of https://github.com/wavestone-cdt/EDRSandblast.git synced 2026-06-08 16:37:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
76 Commits 2 Branches 0 Tags
e567c488ffc26c7dce0b98430d9d2c1f7f35e6ba
Commit Graph

4 Commits

Author SHA1 Message Date
Maxime Meignan f15471d12c DSE bypass : implemented "callback swapping" method 
The new default method for unsigned driver loading uses a KDP compatible
technique, since it does not overwrite the protected variable g_CiOptions.
Based on the work of: https://github.com/0mWindyBug/KDP-compatible-driver-loader

Co-authored-by: Windy Bug <139051196+0mWindyBug@users.noreply.github.com>
 2023-11-03 15:13:36 +01:00
Maxime Meignan 7590a11389 CiOptions: Simplifies the way CI.dll base address is recovered 
Instead of using the kernel R/W primitive, uses userland API to enumerate
kernel modules
 2023-10-09 16:30:36 +02:00
Maxime Meignan 0b0086ea92 cosmetic changes & compiler warnings fixes 2023-10-09 14:57:49 +02:00
v1k1ngfr 7be844b518 Add feature : loading unsigned driver 2023-10-06 12:48:29 +02:00