/IoCreateDriver

IoCreateDriver Implementation, it can be useful if you're trying to bypass anticheats

Primary LanguageC

IoCreateDriver

I am just sharing an implementation of IoCreateDriver (which can be found in ntoskrnl.exe) it doesn't log the driver within PsLoadedModuleList and it bypasses EtwTiLogDriverObjectLoad

Build example:

Within the repository is preset an example that must be compiled using VisualStudio in combination
with the WDK provided by microsoft.

If you're manual mapping:

Remember that if you're manual mapping:

  • You must turn off the security check in ProjectSettings -> C/C++ -> Security Check
  • You also have to change the entry point from FxDriverEntry to DriverEntry
    which you can find in ProjectSetting -> Linker -> Entry Point

- Th3Spl