Skip to content

user1342234/dumper

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
assets
assets
 
 
dejavu
dejavu
 
 
moonwalk
moonwalk
 
 
README.md
README.md
 
 
moonwalk.sln
moonwalk.sln
 
 

Repository files navigation

dumper

This project showcases dumping kernel drivers from usermode

About

It is composed of 2 main components:

  1. dejavu
    A kernel driver that communicates with the usermode process through a shared memory page. The driver currently implements one operation:
    - kread reads an arbitrary kernel address and returns the contents to usermode.

  2. moonwalk
    A usermode application that interfaces with the kernel driver to send commands and receive data.

Support

  • All x64 Windows builds
  • AMD/Intel

Usage

  1. Launch moonwalk.exe [target_driver_name]
  2. Sign and load the driver. Otherwise, use kdmapper, KDU
  3. Enjoy!

Credits

  • @SamuelTulach - README design

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages