0mWindyBug / KDP-compatible-driver-loader

KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys
132 stars, 28 forks

two questions #10

Closed adream100 closed 5 months ago

adream100 commented 5 months ago

This is a very good tool, but I have two questions:

  1. I do not understand this sentence: "SeCiCallbacks is not PatchGuard protected (EDIT: protected in Windows 11 23H2)"

Does this mean that the tool has obstacles in Win11 23H2? But I tested it in the latest version of Win11 23H2 and it worked fine.

  2. Can you please provide a driver that is not in MS's driver blocklist but can replace gdrv.sys? (gdrv.sys is in the list already, and modifying the registry is sometimes difficult because the computer is protected by security software.)

0mWindyBug commented 5 months ago
  1. The array is protected by a mitigation called PatchGuard on that build. PG periodically validates the integrity of structures in the kernel; the checks are run at intervals. That's why, even if it's protected, you may not have left it patched for long enough for the check to see it. It doesn't render the tool useless, as you can use the read primitive to restore the array before PG checks it and after loading the driver.
  2. Maybe in the future; I don't have time currently.