JKornev / Hidden

Windows driver with a usermode interface that can hide file-system and registry objects, protect processes, etc.

Projects that are alternatives of or similar to Hidden

Awesome Windows Security Development
awesome-windows-security-development
Stars: ✭ 154 (-79.95%)
Mutual labels:  driver, kernel, rootkit
pps-gen-gpio
Linux kernel PPS generator using GPIO pins
Stars: ✭ 25 (-96.74%)
Mutual labels:  kernel, driver
pearlfan
GNU/Linux kernel driver and libusb app for a Pearl's USB LED fan
Stars: ✭ 20 (-97.4%)
Mutual labels:  kernel, driver
Diamorphine
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (-5.6%)
Mutual labels:  kernel, rootkit
w1-gpio-cl
Command line configured kernel mode 1-wire bus master driver. w1-gpio standard Linux module enhancement/substitution.
Stars: ✭ 17 (-97.79%)
Mutual labels:  kernel, driver
KMAC
Some useful info when reverse engineering Kernel Mode Anti-Cheat
Stars: ✭ 31 (-95.96%)
Mutual labels:  kernel, driver
Exploit-Development
Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
Stars: ✭ 84 (-89.06%)
Mutual labels:  kernel, rce
Vulnerable Kext
A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation
Stars: ✭ 188 (-75.52%)
Mutual labels:  driver, kernel
Razer Laptop Control
Project to create driver/software to control performance of razer laptops
Stars: ✭ 268 (-65.1%)
Mutual labels:  driver, kernel
Winfsp
Windows File System Proxy - FUSE for Windows
Stars: ✭ 4,071 (+430.08%)
Mutual labels:  driver, kernel
S6 pcie microblaze
PCI Express DIY hacking toolkit for Xilinx SP605
Stars: ✭ 301 (-60.81%)
Mutual labels:  kernel, rootkit
fix-linux-mouse
Hints how to fix USB mouse issues on Linux
Stars: ✭ 36 (-95.31%)
Mutual labels:  kernel, driver
NtSymbol
Resolve DOS MZ executable symbols at runtime
Stars: ✭ 78 (-89.84%)
Mutual labels:  kernel, rootkit
Driver.NET
Lightweight and flexible library to load and communicate with kernel drivers on Windows.
Stars: ✭ 59 (-92.32%)
Mutual labels:  kernel, driver
Wmi Static Spoofer
Spoofing the Windows 10 HDD/diskdrive serialnumber from kernel without hooking
Stars: ✭ 199 (-74.09%)
Mutual labels:  driver, kernel
Cat-Driver
CatDriver - a kernel-mode driver written in C++. It is a useful driver and has the highest privilege level on the Windows platform. It can be used for game hacking and other purposes.
Stars: ✭ 41 (-94.66%)
Mutual labels:  kernel, driver
Wdbgark
WinDBG Anti-RootKit Extension
Stars: ✭ 450 (-41.41%)
Mutual labels:  driver, malware-analysis
Garhal csgo
A project that demonstrates how to screw with CSGO from Kernel Space. (CSGO Kernel Cheat/Hack) All cleaned up, and with updated offsets.
Stars: ✭ 179 (-76.69%)
Mutual labels:  driver, kernel
Ksocket
KSOCKET provides a very basic example of how to make network connections in a Windows driver by using WSK
Stars: ✭ 183 (-76.17%)
Mutual labels:  driver, kernel
KDBG
The Windows kernel debugger consists of two parts: KMOD, the kernel driver handling ring3 requests, and KCLI, the command-line interface for the driver. It originated due to insufficient usability of CheatEngine's DBVM driver while debugging games running under certain AntiCheat software.
Stars: ✭ 28 (-96.35%)
Mutual labels:  kernel, driver

Hidden

This toolset is developed as a solution for my reverse engineering and research tasks. It is a Windows driver with a usermode interface, used for hiding a specific environment on VMs, such as installed RCE programs (e.g. procmon, wireshark), VM infrastructure (e.g. vmware tools), etc.

Features

  • hide registry keys and values
  • hide files and directories
  • protect specific processes using ObRegisterCallbacks
  • exclude specific processes from hiding and protection features
  • usermode interface (lib and cli) for working with the driver

and so on

System requirements

Works on Windows Vista and above, x86 and x64

Recommended build environment

  • Visual Studio 2019
  • Windows Driver Kit 10

Building

The following guide explains how to make a Release Win32 build:

  1. Open Hidden.sln using Visual Studio
  2. Build the Hidden Package project with the Release, Win32 configuration
  3. Open the build results folder <ProjectDir>\Release

Installing

  1. Disable digital signature enforcement on a test machine (bcdedit /set TESTSIGNING ON) and reboot it
  2. Copy the files from <ProjectDir>\Release\Hidden Package to the test machine
  3. Right-click Hidden.inf and choose Install
  4. Start the driver (sc start hidden)
  5. Make sure the service is running (sc query hidden)

Important: the driver bitness must match the OS bitness.

Hiding

The command-line tool hiddencli is used to manage the driver. You can use it to hide and unhide objects, change the driver state, and so on.

To hide calc.exe, try this:

hiddencli /hide file c:\Windows\System32\calc.exe

Want to hide a directory? No problem:

hiddencli /hide dir "c:\Program Files\VMWare"

Registry key?

hiddencli /hide regkey "HKCU\Software\VMware, Inc."

To get full help, just type:

hiddencli /help
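
The install and hide commands above leave recognisable command lines in process-creation logs. The following is an added example, not part of the Hidden project: it classifies command lines against the commands shown in this README and reports per host whether the install sequence was seen. The (host, command line) event format and the sample events are constructed assumptions.

```python
import re

# Patterns built only from the commands shown in the README above.
# The service name "hidden" is the README's; a renamed install would need its own rule.
RULES = [
    ("test_signing_enabled",
     re.compile(r"\bbcdedit(?:\.exe)?\s+/set\s+testsigning\s+on\b", re.I)),
    ("driver_service_start",
     re.compile(r"\bsc(?:\.exe)?\s+start\s+hidden\b", re.I)),
    ("hiddencli_hide",
     re.compile(r"\bhiddencli(?:\.exe)?\s+/hide\s+(?P<kind>\w+)\s+(?P<target>.+)$", re.I)),
]

def classify(command_line):
    """Return (rule_name, details) for the first matching rule, else None."""
    for name, pattern in RULES:
        m = pattern.search(command_line)
        if m:
            return name, {k: v.strip().strip('"') for k, v in m.groupdict().items()}
    return None

def scan(events):
    """events: iterable of (host, command_line) in time order -> {host: [hits]}."""
    findings = {}
    for host, cmd in events:
        hit = classify(cmd)
        if hit:
            findings.setdefault(host, []).append(hit)
    return findings

def install_sequence_seen(hits):
    """True if test signing was enabled before the driver service was started."""
    names = [name for name, _ in hits]
    return ("test_signing_enabled" in names and "driver_service_start" in names
            and names.index("test_signing_enabled") < names.index("driver_service_start"))

# Constructed sample events (assumed format), not real log data.
SAMPLE_EVENTS = [
    ("LAB-VM1", "bcdedit /set TESTSIGNING ON"),
    ("LAB-VM1", "sc start hidden"),
    ("LAB-VM1", 'hiddencli /hide dir "c:\\Program Files\\VMWare"'),
    ("LAB-VM1", 'hiddencli /hide regkey "HKCU\\Software\\VMware, Inc."'),
    ("WS-042", "sc query spooler"),
    ("WS-042", "bcdedit /enum"),
]

if __name__ == "__main__":
    for host, hits in scan(SAMPLE_EVENTS).items():
        print(host, "install sequence seen:", install_sequence_seen(hits))
        for name, details in hits:
            print("  ", name, details)
```

Because the hide rule captures the object type and target, the findings also record which paths and keys were concealed, which is what an analyst needs in order to re-check them once the driver is stopped.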