VollRagm

Abusing LargePageDrivers to copy shellcode into valid kernel modules

Introduction Most people in the game hacking community write their kernel-mode drivers to get around kernel-level anti-cheats such as EasyAntiCheat. However, those anti-cheats have several methods ...

Showing a MessageBox from kernel-mode

Introduction Message boxes provide a simple way to show feedback to the user. In user-mode, a message box can be shown with the MessageBoxW API function. However, this API does not exist in kernel-...

PTView - Browse Page Tables on Windows

Introduction Page tables can be a complicated concept to understand. This is why I created PTView. You can use this tool to visualize and browse page tables. It allows you to insp...

KernelSharp - Write Kernel Drivers in C#

Introduction In the past, people asked me if it was possible to write a kernel-mode driver for Windows in C#. Now, you might be thinking that something like this would be totally foolish and serve ...

Unity Engine reversing and hacking

Introduction Unity3D is a popular game engine used by many games, like Escape from Tarkov, Rust, Fall Guys, Among Us, and many more. The engine uses C# as its scripting backend, and by default runs on ...

Reverse engineering a Web API

Introduction Most websites or web services have an API in the backend that delivers requested data to its frontend. This can be anything from the Google Search API to delivering a message on Discor...

Reverse engineering Windows 7 Minesweeper

Introduction This blog post is about how to approach reverse engineering using the Windows 7 version of Minesweeper as an example. You can get the Windows 7 Minesweeper from https://win7games.com/...

Reverse engineering Task Manager

Introduction Some time ago I spent some time reversing Task Manager for fun and practice. I will share my findings in this blog post. Note that most of the things in this post might not be interest...