Kernel-level access just got a lot more accessible for those digging into anti-cheat internals.
Got my hands on a collection of 87 vulnerable drivers that recently hit the public space. The real value here isn't just the volume, but the specific WHQL-signed drivers that are currently being leveraged for EAC bypasses. These signatures allow you to bridge the gap between user-mode and kernel-mode without the massive overhead (or cost) of acquiring your own EV certificate.
Technical Breakdown
This collection is a goldmine for anyone working on BYOVD (Bring Your Own Vulnerable Driver) implementations. By utilizing these signed-but-exploitable drivers, you can gain reliable read/write primitives or map your own unsigned code into kernel memory. Several of these were specifically curated because their IOCTLs allow for easy manipulation of kernel structures before the anti-cheat can initialize its protection routines.
Highlights of the Collection:
- Full archive of 87 drivers with known vulnerabilities.
- WHQL signed binaries that bypass standard Windows driver signature enforcement.
- Specific drivers confirmed to be usable for manual mapping bypasses on EAC.
- Mix of old-school exploits and some newer entries that just went public.
If you're planning on using these with a public mapper like KDU, be aware that easy anti-cheats (EAC/BE) frequently blacklist these specific signatures once they go public. You'll want to check if the driver you're targeting is already in the HVCI revocation list or if the AC is monitoring the specific IOCTLs used for memory mapping. Don't just fire these up on your main account without checking the imports first.
Check the collection here:
Not an advertisement (noad). Just sharing the dump for the reversers and researchers here.
Anyone managed to successfully map their own project using the WHQL drivers from this specific set on the latest patch?
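
From the defender's side, the signed-but-vulnerable driver loads described in this post show up in driver-load telemetry. The following is an added example, not part of the original post: it triages constructed events that use Sysmon Event ID 6 field names, and the hash sets are placeholder values assumed for illustration.

```python
import re

# Constructed placeholder digests; in practice, populate from a vetted
# vulnerable-driver blocklist maintained by your security team.
KNOWN_VULNERABLE_SHA256 = {"a" * 64}

# Hashes of drivers already seen in this fleet (constructed baseline).
BASELINE_SHA256 = {"c" * 64}

# Kernel drivers rarely load legitimately from user-writable locations.
USER_WRITABLE = re.compile(r"\\(users\\[^\\]+\\|windows\\temp\\|programdata\\)", re.I)


def sha256_of(hashes_field):
    """Extract the SHA256 value from a Sysmon 'Hashes' string like 'MD5=..,SHA256=..'."""
    for part in hashes_field.split(","):
        algo, _, value = part.partition("=")
        if algo.strip().upper() == "SHA256":
            return value.strip().lower()
    return None


def triage_driver_load(event):
    """Return the reasons a driver-load event deserves review (empty list if none)."""
    reasons = []
    digest = sha256_of(event.get("Hashes", ""))
    if digest in KNOWN_VULNERABLE_SHA256:
        reasons.append("hash on known-vulnerable driver list")
    if USER_WRITABLE.search(event.get("ImageLoaded", "")):
        reasons.append("loaded from user-writable path")
    if digest is not None and digest not in BASELINE_SHA256:
        reasons.append("driver hash not in fleet baseline")
    # A valid signature is not exculpatory: BYOVD relies on validly signed drivers.
    if reasons and event.get("SignatureStatus") == "Valid":
        reasons.append("validly signed (signature alone does not clear it)")
    return reasons


# Constructed sample events using Sysmon Event ID 6 field names.
SAMPLE_EVENTS = [
    {"ImageLoaded": r"C:\Windows\System32\drivers\example.sys",
     "Hashes": "MD5=" + "0" * 32 + ",SHA256=" + "C" * 64,
     "Signed": "true", "SignatureStatus": "Valid"},
    {"ImageLoaded": r"C:\Users\alice\AppData\Local\Temp\helper.sys",
     "Hashes": "SHA256=" + "a" * 64,
     "Signed": "true", "SignatureStatus": "Valid"},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev["ImageLoaded"], "->", triage_driver_load(ev) or "ok")
```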