PPLKiller | Protected Processes Light Killer

by Mattiwatti C++ Version: Current License: GPL-3.0

X-Ray Key Features Code Snippets Community Discussions Vulnerabilities Install Support

kandi X-RAY | PPLKiller Summary

PPLKiller is a C++ library typically used in WebGL applications. PPLKiller has no bugs, it has no vulnerabilities, it has a Strong Copyleft License and it has low support. You can download it from GitHub.

PPLKiller ('Protected Processes Light killer', not 'people killer') is a kernel mode driver that disables Protected Process Light protection on all running processes. PPL is a mechanism introduced in Windows 8.1 that transfers many of the security restrictions enjoyed by the System process to user mode processes such as smss.exe and csrss.exe. For example, it is not possible to open a PPL process with PROCESS_VM_READ access, even when running as the Local System user and having debug privileges enabled. For more info on PPL, read The Evolution of Protected Processes by Alex Ionescu. While PPL was probably designed with good intentions (and there are uses for it, such as protecting the LSA process from tampering), I mostly find it to be a nuisance that gets in the way of debugging. That's why I wrote this driver that only does one thing: it finds all PPL processes and removes their protection. Non-'light' protected processes (i.e. the System process) remain protected.

Support

Quality

Security

License

Reuse

Support

PPLKiller has a low active ecosystem.

It has 683 star(s) with 138 fork(s). There are 32 watchers for this library.

It had no major release in the last 6 months.

There are 2 open issues and 17 have been closed. On average issues are closed in 39 days. There are no pull requests.

It has a neutral sentiment in the developer community.

The latest version of PPLKiller is current.

Quality

PPLKiller has 0 bugs and 0 code smells.

Security

PPLKiller has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

PPLKiller code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

PPLKiller is licensed under the GPL-3.0 License. This license is Strong Copyleft.

Strong Copyleft licenses enforce sharing, and you can use them when creating open source projects.

Reuse

PPLKiller releases are not available. You will need to build from source code and install.

Installation instructions are available. Examples and code snippets are not available.

Top functions reviewed by kandi - BETA

kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of PPLKiller

Get all kandi verified functions for this library.

PPLKiller Key Features

No Key Features are available at this moment for PPLKiller.

PPLKiller Examples and Code Snippets

No Code Snippets are available at this moment for PPLKiller.

Community Discussions

No Community Discussions are available at this moment for PPLKiller.Refer to stack overflow page for discussions.

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install PPLKiller

Make sure test signing is enabled (bcdedit /set testsigning on), or alternatively, that you are a millionaire and have a Windows EV signing certificate.
Copy pplkiller.sys to %systemroot%\System32\drivers.
Run sc create pplkiller binPath= System32\drivers\pplkiller.sys type= kernel to install the driver. (Mind the spaces.)

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

Find more information at: