💻 Windows 10 Kernel-mode rootkit
☆32 · Sep 3, 2022 · Updated 3 years ago
Alternatives and similar repositories for WinKit
Users that are interested in WinKit are comparing it to the libraries listed below
- Released alongside a talk at REcon 2023, TheRestarter is an interactive command-line tool designed to interact with the Windows … ☆15 · Jun 8, 2023 · Updated 2 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft ☆145 · May 18, 2024 · Updated last year
- Classic DLL injection. Download DLL from URL and inject. Simple C++ implementation ☆10 · Apr 16, 2022 · Updated 3 years ago
- Process injection via KernelCallbackTable ☆13 · Jan 28, 2022 · Updated 4 years ago
- A kernel rootkit with remote command and control interface for Windows ☆108 · Jan 22, 2018 · Updated 8 years ago
- Exploring in-memory execution of .NET ☆137 · Apr 20, 2022 · Updated 3 years ago
- Malware persistence via COM DLL hijacking. C++ implementation example ☆13 · May 2, 2022 · Updated 3 years ago
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds! ☆250 · Jul 9, 2024 · Updated last year
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique ☆52 · Dec 6, 2018 · Updated 7 years ago
- My personal shellcode loader ☆32 · Mar 9, 2023 · Updated 3 years ago
- Simple and sane compression wrapper library. ☆19 · Oct 28, 2022 · Updated 3 years ago
- WTSRM ☆216 · Aug 7, 2022 · Updated 3 years ago
- Demo to show how to write an ALPC Client & Server using native Ntdll.dll syscalls. ☆21 · Jan 25, 2022 · Updated 4 years ago
- Cross-platform tool for injecting shellcode into .exe and .dll binaries (x86 and x64) ☆76 · Dec 22, 2025 · Updated 2 months ago
- Miscellaneous scripts and programs ☆278 · Jan 23, 2025 · Updated last year
- PoC showing how a potentially malicious script could be hidden, encrypted, into invisible Unicode characters ☆15 · May 26, 2019 · Updated 6 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting ☆202 · Jan 13, 2022 · Updated 4 years ago
- Example of async client/server sockets in .NET 5 ☆17 · Jun 9, 2021 · Updated 4 years ago
- Executes shellcode from a remote server and aims to evade in-memory scanners ☆32 · Nov 17, 2019 · Updated 6 years ago
- Trolling Keyloggers by Forcing them to log Specific Text then freezing them ☆22 · Jul 30, 2022 · Updated 3 years ago
- Hooks system calls in user mode ☆12 · Jan 27, 2022 · Updated 4 years ago
- A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course. ☆10 · Aug 2, 2021 · Updated 4 years ago
- A simple PoC to invoke an encrypted shellcode by using a hidden call ☆116 · Nov 19, 2022 · Updated 3 years ago
- Various ways to execute shellcode ☆508 · Mar 13, 2024 · Updated 2 years ago
- Simple x86 Trampoline Hook ☆44 · Aug 3, 2022 · Updated 3 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space ☆136 · Jan 2, 2023 · Updated 3 years ago
- Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic lo… ☆24 · Jan 23, 2023 · Updated 3 years ago
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr… ☆63 · Feb 11, 2024 · Updated 2 years ago
- Bypass Malware Time Delays ☆107 · Sep 23, 2022 · Updated 3 years ago
- Append custom data to a signed PE file and DO NOT DESTROY SIGNED STATUS. ☆26 · Mar 13, 2021 · Updated 5 years ago
- Block any process from opening a HANDLE to your process; only SYSTEM is allowed to open a handle to your process. With that you can avoid remote m… ☆173 · Apr 27, 2023 · Updated 2 years ago
- C# loader capable of running stage-1 from remote URL, file path as well as file share ☆15 · Feb 8, 2023 · Updated 3 years ago
- Easy XOR string encryption for NET based binaries ☆139 · Nov 4, 2023 · Updated 2 years ago
- Malware? ☆77 · Oct 26, 2025 · Updated 4 months ago
- Bypassing kernel patch protection runtime ☆22 · Feb 19, 2023 · Updated 3 years ago
- Inject DLL into explorer.exe and hide file from process. ☆23 · Apr 24, 2021 · Updated 4 years ago
- A simple program to hook the current process to identify the manual syscall executions on Windows ☆266 · Nov 18, 2022 · Updated 3 years ago
- A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions). ☆90 · Nov 23, 2022 · Updated 3 years ago
- It's pointy and it hurts! ☆127 · Oct 18, 2022 · Updated 3 years ago