Skip to content

This is a project for spoofing windows as much as possible to become untraceable for detection purposes and others.

Notifications You must be signed in to change notification settings

Scrut1ny/Windows-Spoofer

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 

Repository files navigation

FOSS Windows 10 & 11 Spoofer

This is a Free and Open Source Windows 10/11 spoofer. It's carefully programmed and thoroughly documented. I've dedicated a significant amount of time to refine it, ensuring smooth functionality across all modules. My motivation came from noticing issues with existing spoofers, such as poor programming, excessive bloat, and unnecessary system actions. Frustrated with the lack of reliable options, I conducted extensive research and programming to develop a truly effective, free, and open-source solution. Inspired by vektort13 and his projects antiOS_batch and AntiOS, I aimed to enhance and expand upon his work, making it 10 times better with additional functionality. Join the new project, Antidetect, and remember to stay elusive!

Important

By using these scripts, you acknowledge and agree that you are doing so at your own risk. The provider of these scripts makes no warranties, either express or implied, regarding their safety, reliability, or suitability for any purpose. You assume full responsibility for any consequences, damages, or loss that may arise from their use. The provider shall not be liable for any direct, indirect, incidental, consequential, or punitive damages resulting from the use of these scripts.

Support 🔧

  • Supported ✅
    • Operating System(s)
      • - Windows 11
      • - Windows 10
    • Motherboard Manufacture(s)
      • - ASUS
      • - MSI (Micro-Star International)
      • - ASRock
      • - Gigabyte / Aorus
      • - Biostar
      • - Supermicro
      • - ECS (Elitegroup Computer Systems)
  • Unsupported ❌
    • Operating System(s)
      • - Linux
    • Motherboard Manufacture(s)
      • - Acer
      • - Dell
      • - HP
      • - Lenovo

Spoofing Functions ⚙️

Spoof Function Support
Local Windows User Account
Local Computer Name (Device Name)
Network Computer Name (NetBIOS Name)
Custom DNS
Registry
MAC Address
VolumeID
SMBIOS DMI
Disk (HDD/SSD/NVMe) Serials
RAM Serials
GPU Serials
NVIDIA UUID
Monitor Serials
PnP Device Serials
ARP

Flushing/Cleaning/Deletion Functions 🗑️

Cleaning Function Support
DNS Cache
ARP Cache
Prefetch Files
%TMP%\* Files
*.log Files
USN Journal ID(s)
Ubisoft, Valorant, cache
Old Windows Backup

Spoofing Software

UEFI/BIOS Keys by Manufacturer

shutdown /r /fw /f /t 0
Manufacturer Key/Sequence
Acer F2
ASRock F2 or DEL
Asus DEL or F2
Dell F2 or F12
Gigabyte DEL or F2
HP ESC or F10
Lenovo F1 or F2
MSI DEL or F2
Samsung F2
Sony F1, F2, or F3
Toshiba F2 or ESC
Intel NUC F2

UEFI/BIOS Key Differences

  • If you use UEFI firmware, use GPT for the partitioning scheme.

  • If you use BIOS firmware, use MBR for the partitioning scheme.

  • UEFI (Unified Extensible Firmware Interface):

    • Modern firmware standard.
    • Supports both MBR and GPT (GUID Partition Table).
    • Operates in 32-bit or 64-bit processor modes.
    • Can have a graphical user interface.
    • Generally faster boot times.
  • BIOS (Basic Input/Output System):

    • Legacy technology.
    • Typically uses MBR (Master Boot Record) for booting.
    • Limited to 16-bit processor mode.
    • Has a text-based user interface.
    • Generally slower boot times.

Guides

Video Guides

Windows7
FFFF800000000000
FFFFFF0000000000

Windows8
FFFF800000000000
FFFFFF0000000000

Windows10(Fast Scan)
FFFF800000000000
FFFFA00000000000

Windows10(Slow Scan)
(Fast Scan Not Found Result)
FFFF800000000000
FFFFC00000000000
# Install the required module if not already installed
if (-not (Get-Module -ListAvailable -Name NtObjectManager)) {
    Install-Module -Name NtObjectManager -Force
}

# Import the NtObjectManager module
Import-Module NtObjectManager

# Get a handle to the current thread
$currentThread = Get-NtThread -Current -PseudoHandle

# Get the TrustedInstaller service
$tiService = Get-CimInstance -ClassName Win32_Service -Filter "Name='TrustedInstaller'"
$tiProcess = Get-Process -Id $tiService.ProcessId

# Open the process with duplicate handle rights
$tiProcessHandle = Get-NtProcess -ProcessId $tiProcess.Id -Access DupHandle

# Get the primary token of the TrustedInstaller process
$tiToken = $tiProcessHandle.OpenToken()

# Duplicate the token as an impersonation token
$impToken = $tiToken.DuplicateToken([NtApiDotNet.NtTokenDuplication]::Impersonation)

# Impersonate the current thread using the duplicated token
$imp = $currentThread.ImpersonateThread($impToken)

# Output the impersonated token
$impToken

# Run a command as TrustedInstaller
Start-Process -FilePath "cmd.exe" -ArgumentList "/c whoami" -NoNewWindow -Wait

# Revert to self after performing the required actions
$currentThread.RevertToSelf()