0x44F / WinKitLinks
💻 Windows 10 Kernel-mode rootkit
☆32Updated 2 years ago
Alternatives and similar repositories for WinKit
Users that are interested in WinKit are comparing it to the libraries listed below
Sorting:
- A Bumblebee-inspired Crypter☆79Updated 2 years ago
- Process Hollowing demonstration & explanation☆33Updated 4 years ago
- Listing UDP connections with remote address without sniffing.☆29Updated last year
- ☆16Updated 3 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆27Updated 3 years ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆31Updated 3 years ago
- using the gpu to hide your payload☆59Updated 3 years ago
- Shellcodev is a tool designed to help and automate the process of shellcode creation.☆110Updated last year
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆40Updated 4 years ago
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆42Updated 2 years ago
- ☆15Updated 4 years ago
- Just another casual shellcode native loader☆24Updated 3 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆72Updated 4 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆56Updated 2 years ago
- Read my blog for more info -☆31Updated 4 years ago
- ☆39Updated 4 years ago
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…☆63Updated last year
- ☆40Updated 2 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆50Updated 2 years ago
- ☆64Updated 2 years ago
- Manually perform syscalls without going through any external API or DLL.☆19Updated 2 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆30Updated 3 years ago
- Bypass UAC at any level by abusing the Task Scheduler and environment variables☆31Updated 4 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- Malware persistence via COM DLL hijacking. C++ implementation example☆13Updated 3 years ago
- Piece of code to detect and remove hooks in IAT☆64Updated 3 years ago
- ☆114Updated 3 years ago
- Simple and sane compression wrapper library.☆18Updated 2 years ago
- Process Injection: APC Injection☆33Updated 4 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆113Updated 4 years ago