Saved October 29, 2025
Hells Hollow introduces a novel technique for SSDT hooking, leveraging Alt Syscalls to bypass Microsoft’s PatchGuard protections on Windows 11. This method allows rootkits to intercept and manipulate system calls by modifying the KTRAP_FRAME, thus enabling a range of malicious activities while highlighting the vulnerabilities within the Windows kernel. Limitations of the technique are discussed, including its resistance to certain security measures like Hyper-V and HVCI.