[FEATURE] DSE Disable after successful start WITHOUT the watermark

Idov31 / Nidhogg

Nidhogg is an all-in-one simple to use windows kernel rootkit.

https://idov31.github.io/posts/lord-of-the-ring0-p1

GNU General Public License v3.0

1.8k stars 267 forks source link

[FEATURE] DSE Disable after successful start WITHOUT the watermark #43

Closed PROMPTYLOL closed 8 months ago

PROMPTYLOL commented 8 months ago

maybe you can make nidhogg on the first start to permanently disable DSE as soon as its loaded into the kernel

Idov31 commented 8 months ago

This feature will not be implemented. If you are looking for ways to load the driver without using the test signature, you can use kdmapper and change the flag here (https://github.com/Idov31/Nidhogg/blob/master/Nidhogg/NidhoggCommon.h#L4), then there is no need to enable the test signing.