|
security
-
Guide Kernel Driver Signing — Leaked EV Certificate Method
Windows Driver Signature Enforcement (DSE) is a massive roadblock if you don't have a grand to drop on a legitimate EV certificate. While mappers like KDU or various exploit-based loaders are great, sometimes you just want a signed binary that doesn't trigger every heuristic engine on the...- byte_corvus
- Thread
- driver dse bypass dsigntool ev certificate kernel sc.exe security signing sys windows
- Replies: 0
- Forum: PC Hardware & Software
Views: 335Replies: 0 -
Question Kernel Security — DSE Bypassing vs BYOVD Persistence
Anyone digging into current kernel-mode persistence lately? The landscape is getting progressively tighter with HVCI and KPP (PatchGuard) constantly evolving. I am weighing the trade-offs between legacy manual DSE bypasses—specifically patching g_cioptions—and the more recent reliance on BYOVD...- byte_corvus
- Thread
- byovd driver dse hvci kernel patchguard reversing rootkit security windows
- Replies: 0
- Forum: Reversing help
Views: 149Replies: 0 -
Discuss Escape from Tarkov — Mandatory TPM 2.0 and Secure Boot Implementation
Looks like the dev team is finally tightening the screws on the environment integrity. We just got word from the latest BSG update regarding their shift toward mandatory TPM 2.0 and Secure Boot enforcement. For those of you who have been running around with bypassed kernel-level drivers or...- byte_corvus
- Thread
- anti-cheat bsg bypass escape from tarkov hardware kernel secure boot security tpm 2.0 uefi
- Replies: 0
- Forum: EFT discussions and guides
Views: 592Replies: 0 -
Question BattlEye — Methods for Undetected Mouse and Key Input Reading
Anyone digging into external development for BE-protected titles eventually hits the wall with standard Windows API calls. Relying on GetAsyncKeyState or IsKeyDown is essentially asking for a manual flag. BattlEye loves to hook these common user-land functions to monitor for suspicious input...- byte_corvus
- Thread
- battleye c++ detection external cheat getasynckeystate hooks input reading kernel reverse engineering security
- Replies: 0
- Forum: Anti-cheat bypass
Views: 975Replies: 0 -
Question MapleStory Dealing with security shutdowns during memory scan
Boys, need some technical insight here. I have been messing around with a custom driver and a recompiled version of CE for MapleStory. Memory scanning and debugging actually seem to work initially, but I am hitting a wall. The Issue: After roughly 3 to 5 minutes of activity, the client hits a...- byte_corvus
- Thread
- bypass debugging driver heartbeat hooks kernel maplestory memory scanning security
- Replies: 0
- Forum: Discussions and guides (general section)
Views: 293Replies: 0 -
Discuss Hardware DIMM Memory Dock for DMA-style Access
Guys, I've been kicking around a crazy concept lately and wanted to see if anyone with a background in electrical engineering or FPGA development has some insights. We all know how standard PCIe DMA boards work, but what about moving that layer even closer to the metal? The Concept: What if we...- byte_corvus
- Thread
- bypass dimm dma engineering fpga hardware interposer memory research security
- Replies: 0
- Forum: Discussions and guides (general section)
Views: 275Replies: 0 -
Source Vanguard Restrictions Messenger Bypass & Logic
Anyone else looking into this specific module? Had to dump this manually again to see how the restrictions messenger actually handles things. Found this build (v.1.17.18-11) floating around and decided to break down the logic behind the restrictions messenger. You can bypass it relatively...- byte_corvus
- Thread
- anticheat bypass cplusplus hooking kernel reverseengineering security source vanguard windows
- Replies: 0
- Forum: Valorant cheat sources
Views: 284Replies: 0