Home

Awesome

DCMB - Dont Call Me Back

"I really want to remove AC/AV/EDR's kernel callback, but i dont like working with offsets and/or signature". Well, not anymore! DCMB will help you to find those callbacks dynamically. DCMB's objective is to find kernel callback list/array without using signatures or offset across multiple Windows version. This project is not intended to being integrated to your project, instead you should learn the logics thats used on this project. Contributions and bug reports are really appreciated!

Supported Callback

Usage

Compile the Release version, enable test signing mode, load it, and view the results through DebugView image