Skip to content
/ Revird Public

R/WPM Drvier for Windows, uses the Registry for communications.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ALittlePatate/Revird

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
EdomResu
EdomResu
 
 
Revird
Revird
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
Revird.sln
Revird.sln
 
 

Repository files navigation

Revird

Driver for x64 bit Windows, can read/write memory, get the address of a process/module in a process.

Example usage

You can find an example usage in the EdomResu folder (UserMode backwards).

int main(void) {
    QWORD proc_addr = GetProcess(L"explorer.exe");
    QWORD mod_addr = GetProcessModule(L"explorer.exe", L"kernel32.dll");
    BYTE mz = RPM<BYTE>(proc_addr);

    printf("Address of explorer.exe : 0x%p\n", (void*)proc_addr);
    printf("Address of kernel32.dll in explorer.exe : 0x%p\n", (void*)mod_addr);
    printf("Header of explorer.exe : 0x%X\n", mz);
    printf("Unloading driver...");
    DriverUnload();
    printf("ok.\n");
    return 0;
}

About

R/WPM Drvier for Windows, uses the Registry for communications.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages