Mhyprot2DrvControl
VectorKernel
| | Mhyprot2DrvControl | VectorKernel |
|---|---|---|
| | 2 | 2 |
| Stars | 333 | 290 |
| Growth | - | - |
| Activity | 4.3 | 8.8 |
| | over 3 years ago | 8 days ago |
| Language | C# | C# |
| License | MIT License | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Mhyprot2DrvControl
- Ransomware abuses Genshin Impact's kernel mode anti-cheat to bypass antivirus protection
  Code seems to have already been developed to use it 2 years ago: https://github.com/kagurazakasanae/Mhyprot2DrvControl
- Microsoft admits to signing rootkit malware in supply-chain fiasco
  Here's a PoC for it on GitHub, you can read the code, it's pretty much just an IOCTL for each operation. Check Driver/MhyProt2.cs.
  https://github.com/kagurazakasanae/Mhyprot2DrvControl
VectorKernel
What are some alternatives?
evil-mhyprot-cli - A PoC for the vulnerable Mhyprot2.sys driver that allows reading/writing memory in kernel/user via an unprivileged user process.
rootkit-rs - Rusty Rootkit - Windows Kernel Rootkit in Rust (Codename: Eagle)
BetterJoy - Allows the Nintendo Switch Pro Controller, Joycons and SNES controller to be used with CEMU, Citra, Dolphin, Yuzu and as generic XInput
winfsp - Windows File System Proxy - FUSE for Windows
LenovoController - 🎮 A lightweight alternative to Lenovo Vantage
HackSysExtremeVulnerableDriver - HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
DOOM - DOOM Open Source Release
crawl - Dungeon Crawl: Stone Soup official repository
physmem_drivers - A collection of various vulnerable (mostly physical memory exposing) drivers.