0x44F / WinKit
💻 Windows 10 Kernel-mode rootkit
☆31 · Updated 2 years ago
Alternatives and similar repositories for WinKit:
Users that are interested in WinKit are comparing it to the libraries listed below
- A Bumblebee-inspired Crypter ☆80 · Updated 2 years ago
- A simple PE loader. ☆25 · Updated 2 years ago
- using the gpu to hide your payload ☆57 · Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one. ☆69 · Updated last year
- Process Hollowing demonstration & explanation ☆35 · Updated 4 years ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits ☆28 · Updated 2 years ago
- A repository filled with ideas to break/detect direct syscall techniques ☆27 · Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods. ☆35 · Updated 3 years ago
- Just another casual shellcode native loader ☆24 · Updated 3 years ago
- ☆38 · Updated 2 months ago
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique ☆11 · Updated 4 months ago
- Bypass UAC at any level by abusing the Task Scheduler and environment variables ☆31 · Updated 3 years ago
- Callstack spoofing using a VEH because VEH all the things. ☆20 · Updated last month
- A simple Linux in-memory .so loader ☆29 · Updated 2 years ago
- A more advanced free and open .NET obfuscator using dnlib. ☆10 · Updated 2 years ago
- AIDA64DRIVER Elevation of Privilege Vulnerability ☆13 · Updated 5 months ago
- ☆52 · Updated 2 years ago
- ☆16 · Updated 3 years ago
- a demo module for the kaine agent to execute and inject assembly modules ☆38 · Updated 7 months ago
- Reimplementation of the KExecDD DSE bypass technique. ☆47 · Updated 7 months ago
- ZwProcessHollowing is an x64 process hollowing project which uses direct system calls, DLL unhooking and RC4 payload decryption ☆84 · Updated 2 years ago
- idk man this was the default github name ☆35 · Updated last year
- Research into removing strings & API call references at compile-time (Anti-Analysis)