PatchGuard bypass at runtime

#1001
Administrator
12/10/2023 02:20 - 148 days 2 hours 24 minutes
Quote: #1000 Originally posted by sospsi

I want the perfect process hide with PatchGuard bypass. Do you sell it? Let me know how much it is.


You need to provide the exact details. Do you need the source code or not? I currently only support Win10/11 22H2 (x64). What's the purpose of your custom process hide? If it's about hiding a process from an anti-cheat, I need to know the name. Which process or processes need to be hidden? I assume you realize the project will be customized according to your preference. I need the exact specs before I can tell the price. The good thing is that I do have working code already (as I implemented something similar a long time ago). As I already wrote, a kernel anti-cheat or an AV does not want to be monitored, and I need the same functionality for my tool's anti-malware functionality, so that I can monitor any kernel anti-cheat, anti-virus or whatever cybersecurity product.

If your hidden process is creating new threads occasionally, I assume you realize this requires quite an advanced bypass, especially if there are kernel anti-cheat thread notify callbacks running (today's advanced anti-cheats have self-integrity checks in place, so they'll notice if you stripped their callbacks off; this requires deep Windows internals knowledge to bypass without getting detected). I hope you realize that a bypass needs to know when your hidden process creates a new thread. That may otherwise result in a ban or detection.

The ideal solution is this: a process starts before anything else and creates its threads. PatchGuard bypasses have nothing to do with process hiding. But you'll need to disable PatchGuard before you can hide any user mode process.

Do you plan to sell your process hider or is it just for your personal private use? I need to know all that... Yes, I can do it. But the project will be delivered "AS IS" without warranty of any kind even though I'll test the project properly, of course.
