Skip to content
/ data-ptr-swap Public

Windows Driver for Reading and Writing User-Mode Process Memory.

3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

W4ZM/data-ptr-swap

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
client
client
 
 
cmake
cmake
 
 
driver
driver
 
 
CMakeLists.txt
CMakeLists.txt
 
 
README.md
README.md
 
 

Repository files navigation

data-ptr-swap

A Windows kernel driver that hooks the NtUserCreateWindowStation function in win32k.sys by swapping its pointer to your function in your mapped driver.

Features

  • Mapped with Kdmapper.
  • IoCreateDriver (from Th3Spl).
  • Uses shared memory (section objects) communication.
  • Uses physical memory to read/write process virtual memory.

Requirements

  • Cmake.
  • Windows 11 (24H2).
  • Visual Studio.
  • wdk.

How to build

git clone https://github.com/W4ZM/data-ptr-swap.git
cd data-ptr-swap && mkdir build && cd build
cmake ..
cmake --build . --config release

Credits to FindWdk for making it easier to build Windows drivers with CMake.

About

Windows Driver for Reading and Writing User-Mode Process Memory.

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages