include | ||
src | ||
.editorconfig | ||
.gitignore | ||
Domito.sln | ||
Domito.sln.DotSettings | ||
LICENSE | ||
README.md |
Domito
Windows kernel driver utilities library.
Work in progress, use with care 🔥
About
Static library containing some unconventional and undocumented kernel space goodies for the adventurous kernel hacker 🙂 Although I aim for stable code, I can not recommend it for production use; but it's mighty helpful in a lab environment to say the least!
Most of the logic you find here has been discovered and provided by the fine folks listed in the credits section below, I merely touched it up and molded into an utilities library for easy consumption in your own kernel driver project.
Conventions
Custom types are prefixed with an all upper case DOMITO_
and functions are prefixed with a Pascal case Domito
to avoid conflicts with any system-provided names. The word "domito" is latin for "to tame".
How to use
Add the include
directory to your project's headers search path, #include <Domito.h>
wherever required and link against the resulting Domito.lib
file for your desired architecture. Done!
Sources & 3rd party credits
This library benefits from these awesome projects ❤ (appearance in no special order):
- GetProcAddress implementation - for the Kernel
- Implementation of GetProcAddress and GetModuleHandle for Windows NT3.51/NT4/2000/XP/2003/Vista/7/8 kernel mode, both 32 and 64 bit platforms
- Use ci.dll API for validating Authenticode signature of files
- Helper functions for calculating the authenticode digest for a portable executable file
- Custom memory allocator exposure inspired by SDL