https://github.com/gmh5225/callmewin32kdriver

Load your driver like win32k.sys
https://github.com/gmh5225/callmewin32kdriver

anti anticheat cheat driver dump game hack hide llvm-msvc mmcopymemory psloadedmodulelist pubg rootkit win32k windows

Last synced: about 1 month ago
JSON representation

Load your driver like win32k.sys

• Host: GitHub
• URL: https://github.com/gmh5225/callmewin32kdriver
• Owner: gmh5225
• License: mit
• Created: 2022-08-16T14:58:35.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2022-08-20T18:29:15.000Z (over 2 years ago)
• Last Synced: 2025-03-19T21:19:19.550Z (about 1 month ago)
• Topics: anti, anticheat, cheat, driver, dump, game, hack, hide, llvm-msvc, mmcopymemory, psloadedmodulelist, pubg, rootkit, win32k, windows
• Language: C++
• Homepage: https://www.unknowncheats.me/forum/anti-cheat-bypass/511107-load-driver-win32k-sys.html
• Size: 23.4 KB
• Stars: 251
• Watchers: 8
• Forks: 75
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: license

Awesome Lists containing this project

README

        
# CallMeWin32kDriver

Load your driver like win32k.sys

![Q`NXJ7G@89G@K)6~5H8JA@6](https://user-images.githubusercontent.com/13917777/184930976-1ee5dd35-04a0-4d98-85a4-1f51074b9784.png)

![~MF %CSVW(FCL8H1G4UJ@6Y](https://user-images.githubusercontent.com/13917777/184935919-f9ee10ec-fbc3-48ef-8545-6269d078d0b1.png)

## Motivation

This feature was analyzed from a certain PUBG cheat driver.

## What it can do?

- Protection against direct dump by Anti-Rootkit tools

- Bypass MmCopyMemory

- Hide world does not trigger PG

## How to detect?

- Attach a GUI process before using MmCopyMemory

## Compile

- Visual Studio 2022 & WDK10

- llvm-msvc [[link]](https://github.com/NewWorldComingSoon/llvm-msvc-build)

## Some discussions on UnknownCheats

https://www.unknowncheats.me/forum/anti-cheat-bypass/511107-load-driver-win32k-sys.html