deadlands-windows-dkom - Windows DKOM : Hide Process


The Deadlands project aims to create a kernel module that uses DKOM (Direct Kernel Object Manipulation) to hide processes. It prevents Task Manager (taskmgr) from seeing a running process (for example, cmd.exe). In order to compile this project, the WDK (Windows Driver Kit) must be installed on your computer.

https://github.com/0xbaadf00d/deadlands-windows-dkom

Related Projects

GunFu Deadlands


A Far West themed 2D shooter featuring bullet time. Made in Lua using the Love2D library (http://love2d.org).

Two Kernel Monte


Two Kernel Monte is a Linux kernel module which allows Linux to load another kernel image into RAM and restart the machine from that kernel. The loader supports initial RAM disks and passing arbitrary kernel command line parameters to the new kernel.

VMWare Kernel Debugging booster


The project is a Windows XP kernel driver that allows debugging of kernel drivers over a named pipe EXTREMELY FAST. Compatible with both VMWare Workstation and VMWare Server.

libfuse - The reference implementation of the Linux FUSE (Filesystem in Userspace) interface


FUSE (Filesystem in Userspace) is an interface for userspace programs to export a filesystem to the Linux kernel. The FUSE project consists of two components: the fuse kernel module (maintained in the regular kernel repositories) and the libfuse userspace library (maintained in this repository). libfuse provides the reference implementation for communicating with the FUSE kernel module. A FUSE file system is typically implemented as a standalone application that links with libfuse. libfuse provides functions to mount the file system, unmount it, read requests from the kernel, and send responses back. libfuse offers two APIs: a "high-level", synchronous API, and a "low-level" asynchronous API. In both cases, incoming requests from the kernel are passed to the main program using callbacks. When using the high-level API, the callbacks may work with file names and paths instead of inodes, and processing of a request finishes when the callback function returns. When using the low-level API, the callbacks must work with inodes and responses must be sent explicitly using a separate set of API functions.

mkernel - a minimalistic kernel


Kernel 101 – Let’s write a Kernel (http://arjunsreedharan.org/post/82710718100/kernel-101-lets-write-a-kernel)


darwin-xnu - The Darwin Kernel (mirror)


The XNU kernel is part of the Darwin operating system for use in the OS X and iOS operating systems. XNU is an acronym for "XNU is Not Unix". XNU is a hybrid kernel combining the Mach kernel developed at Carnegie Mellon University with components from FreeBSD and a C++ API for writing drivers called IOKit. XNU runs on I386 and X86_64 in both single-processor and multi-processor configurations. Additionally, there is support for configuring architectures through ARCH_CONFIGS and kernel configurations with KERNEL_CONFIGS.

linux-kernel-module-cheat - Run one command, get a QEMU or gem5 Buildroot BusyBox virtual machine built from source with several minimal Linux kernel 4


Run one command, get a QEMU or gem5 Buildroot BusyBox virtual machine built from source with several minimal Linux kernel 4.16 module development example tutorials with GDB and KGDB step debugging and minimal educational hardware models. "Tested" in x86, ARM and MIPS guests, Ubuntu 18.04 host. This is the most native setup, and therefore the best one if you are on one of the supported Ubuntu: 16.04 or 18.04.

Kernel Development Kit (KDK)


Build your own OS with the help of the Kernel Development Kit. With minimal Assembly and C code, around 99.9% of the code is written in C++ using object-oriented design.

Longene (Linux Unified Kernel)


Longene ( Linux Unified Kernel ) is an open source project sponsored by Insigma Co., Ltd. It aims to implement a kernel module in Linux that provides a system-call and driver layer to allow the Windows applications to run on the Linux OS.

Nemesis Real Time OS Kernel


Nemesis is a tiny real-time operating system kernel based on x86 PCs. Its main purpose is to serve as a simple but realistic example of a real-time OS kernel running on real hardware. The purpose of this is that it can be embedded in small devices lik

gvisor - Container Runtime Sandbox


gVisor is a user-space kernel, written in Go, that implements a substantial portion of the Linux system surface. It includes an Open Container Initiative (OCI) runtime called runsc that provides an isolation boundary between the application and the host kernel. The runsc runtime integrates with Docker and Kubernetes, making it simple to run sandboxed containers. gVisor takes a distinct approach to container sandboxing and makes a different set of technical trade-offs compared to existing sandbox technologies, thus providing new tools and ideas for the container security landscape.

Kernel Emulation on Windows


Kernel Emulation on Windows allows you to run x86 Linux native binaries under MS-Windows. No recompiling is required. The goal is to be able to run your favorite distro without dual-booting or using emulation products such as Vmware, Qemu or coLinux

linux kernel performance


This project is intended to track Linux kernel performance by running a set of key benchmarks with the latest snapshots of the development kernel source tree (Linus's kernel git tree). The latest benchmark results are hosted here as well as historical data.

Dragoon kernel


A concept operating system that is UNIX-like; however, it is not a micro-kernel, a monolithic kernel, or any kernel in particular. It is based off Inferno, a Plan 9-like UNIX.

Agnix Embedded Real-time OS Kernel


Agnix is an educational, network operating system kernel. It is an ideal starting point to learn about operating systems. The main goal of the project is to provide a network kernel fully compatible with the Linux kernel in the system call layer.

User-mode Linux kernel port


The user-mode kernel port is a port of the Linux kernel which runs in a set of processes. The result is a user-mode virtual machine and a kernel which can be debugged and developed using all of the usual process-level tools.

uname-hack


The uname_hack kernel module causes generic architecture information to be provided by the kernel. This patch is only required for a Linux kernel. The K486 kernel is IA32 compatible, and does not reveal an i686 architecture.

Linux Kernel State Tracer


Linux Kernel State Tracer (LKST) records information about events in the Linux kernel as trace data. It records various events such as process context switches. This program is a facility for analyzing problems in the Linux kernel.

AndroidKernelExploitationPlayground


Linux Kernel Exploitation on Android. This repository is meant to serve as a hands-on guide to Linux kernel exploitation with a special interest in Android. All the resources you need for setting up an exploitation playground will be explained below. Each folder should have its own challenge in the form of a loadable kernel module, its own solution - code that will be executed from userspace to take advantage of the vulnerability (usually to gain us root), and a bit of a writeup about the vulnerability and the exploit. I am hoping that this will serve as a jumpstart for people to get started with kernel exploitation as well as a learning exercise for myself. Feel free to fork and submit pull reqs for new challenges, documentation, etc.