explaingit

nightmare-eclipse/yellowkey

Analysis updated 2026-05-18

3,046Audience · researcherComplexity · 1/5Setup · moderate

TLDR

A public writeup describing a Bitlocker bypass affecting Windows 11 devices, with the manual steps needed to reproduce it.

Mindmap

mindmap
  root((YellowKey))
    What it does
      Bitlocker bypass
      Windows 11 only
      Recovery shell access
    Reproduction
      Copy FsTx folder
      USB or EFI partition
      Shift plus Ctrl boot
    Audience
      Security researchers
      Windows admins
    Concerns
      Possible backdoor
      Shared component name

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Learn how a specific Bitlocker bypass technique works for security research purposes.

USE CASE 2

Reference this disclosure when auditing Windows 11 Bitlocker protections in an organization.

What is it built with?

Windows 11

How does it compare?

nightmare-eclipse/yellowkeyopenmoss/moss-tts-nanomisolabsai/misotts
Stars3,0463,0323,061
LanguagePythonPython
Last pushed2026-06-09
MaintenanceMaintained
Setup difficultymoderatemoderatehard
Complexity1/53/54/5
Audienceresearcherdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 30min

No software to install, reproducing it requires physical access to a Windows 11 device and a USB stick.

No license is stated in the README.

In plain English

YellowKey is a security research repository that documents a Bitlocker bypass vulnerability found on Windows 11 systems, including Server 2022 and 2025. Windows 10 is not affected. The author describes copying a folder from the Windows Recovery Environment onto a USB stick, or directly into a device's EFI partition, then using a specific key sequence during a Windows 11 reboot to reach a command shell with full access to a Bitlocker protected drive, without needing the encryption password or recovery key. The README walks through the exact reproduction steps: copying the FsTx folder to a USB stick formatted with NTFS, FAT32, or exFAT, holding Shift while clicking restart to enter the recovery environment, then holding Ctrl during the boot sequence. If the steps are followed correctly, an unrestricted shell opens on the protected volume. The author raises a concern about why this happens: the component responsible for the bypass exists inside the Windows Recovery Environment image but not in a normal Windows installation, even though a component with the same name is present there without the same behavior. The author speculates this could be intentional rather than accidental, though this is presented as personal suspicion rather than a confirmed fact. This is not a software tool or application. There is no code to install, no dependencies, and no setup process. It is a short writeup describing a specific vulnerability and the manual steps to trigger it, along with one screenshot showing the resulting shell. The README credits several named parties for making the public disclosure possible, suggesting the finding went through some form of coordinated disclosure process before being shared here. Given the sensitive nature of the content, this repository is best understood as a public vulnerability advisory rather than a piece of software meant to be used, extended, or integrated into other projects.

Copy-paste prompts

Prompt 1
Explain how the YellowKey Bitlocker bypass works based on this README.
Prompt 2
Summarize why the author suspects this could be an intentional backdoor rather than a bug.
Prompt 3
What defensive Windows configuration changes would help mitigate a bypass like YellowKey?

Frequently asked questions

What is yellowkey?

A public writeup describing a Bitlocker bypass affecting Windows 11 devices, with the manual steps needed to reproduce it.

What license does yellowkey use?

No license is stated in the README.

How hard is yellowkey to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is yellowkey for?

Mainly researcher.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.