Bypassing kernel patch protection at runtime.
As I wrote in the article, this is a dynamic PatchGuard bypass for Windows 10 Pro 22H2. The majority of AVs did not detect the bypass. Therefore, the source code of the driver is not publicly disclosed.
Tools used:
[+] WinDbg Preview with KDNET
[+] HEX DEREF PRO
[+] IDA PRO
Skill requirement:
[+] Advanced
The article is provided for educational and informational purposes: https://hexderef.com/patchguard-bypass
If you have any questions, you can comment on the article at https://overlayhack.com/patchguard-bypass