This repository contains Loadable Kernel Modules (LKM) and LD_PRELOAD-based modules designed for penetration testing, red teaming, and security research. These tools enable advanced techniques like process hiding, syscall hooking, and runtime application manipulation.
☆13Feb 15, 2025Updated last year
Alternatives and similar repositories for RootKit
Users that are interested in RootKit are comparing it to the libraries listed below
Sorting:
- A collection of FreeBSD rootkit kernel modules and utilities☆13Jun 25, 2025Updated 8 months ago
- Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection☆10Feb 26, 2025Updated last year
- Collection of codes focused on Linux rootkits☆203Oct 22, 2025Updated 5 months ago
- Super performant RAG pipeline for AI apps.☆17Mar 10, 2024Updated 2 years ago
- This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion☆28Jul 21, 2025Updated 8 months ago
- ☆24Dec 31, 2025Updated 2 months ago
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 8 months ago
- Certipy in Docker☆13Mar 28, 2024Updated last year
- ASPX ShellCode Loader☆54Jan 27, 2024Updated 2 years ago
- iPhoneTracker port to Linux☆16Apr 22, 2011Updated 14 years ago
- A malware researching repository.☆21Aug 10, 2021Updated 4 years ago
- PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …☆19May 8, 2025Updated 10 months ago
- My dotfiles for Linux boxes☆57Feb 20, 2026Updated last month
- Event Tracing for Windows EDR bypass in Rust (usermode)☆39Jun 9, 2024Updated last year
- reverse proxy server☆19Jul 7, 2016Updated 9 years ago
- Malware written in bash to serve as an initial dropper script that will provide a strong foothold on the target device via reverse shells…☆21Sep 18, 2023Updated 2 years ago
- Official MCSR Ranked Wiki Page with VitePress☆16Feb 10, 2026Updated last month
- Short Python script for parsing Defender VDM signature files.☆10Sep 22, 2024Updated last year
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- A tool that bypasses Windows Defender by manually loading DLLs, parsing EAT directly, and updating IAT with unhooked functions to run M…☆21Jul 14, 2024Updated last year
- ShellcodeFluctuation PoC ported to Nim☆79Oct 14, 2022Updated 3 years ago
- Windows Shell Link (LNK) Proof of Concept☆16Jul 19, 2025Updated 8 months ago
- 🤹 Caido AI Skills☆54Mar 13, 2026Updated last week
- Public exploits☆16May 28, 2018Updated 7 years ago
- Tamper Active Directory user attributes to collect their hashes with MS-SNTP☆65Jan 21, 2025Updated last year
- A Rust-based dropper for shellcode payloads.☆72Mar 21, 2025Updated last year
- Draugnet is a lightweight, open-source tool for anonymous cyber threat reporting. Built for the MISP ecosystem, it lets users submit and …☆20Feb 26, 2026Updated 3 weeks ago
- 使用kcp实现的socks5正向代理☆12Dec 9, 2023Updated 2 years ago
- My POC implementation of HVNC (Hidden VNC / Hidden Desktop)☆28Dec 30, 2024Updated last year
- ☆26Aug 11, 2025Updated 7 months ago
- General purpose Discord Bot with the hacker in mind☆13Nov 6, 2025Updated 4 months ago
- C# DInvoke Shellcode Runner☆31Feb 10, 2025Updated last year
- Signature finder (from PE-bear)☆40Aug 25, 2025Updated 6 months ago
- Transfer file over Dns☆10Nov 26, 2024Updated last year
- A ring0 Loadable Kernel Module (Linux) to log all commnds run on the system.☆17Sep 30, 2025Updated 5 months ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆64Apr 2, 2025Updated 11 months ago
- Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability☆24Feb 5, 2025Updated last year
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Jun 5, 2023Updated 2 years ago
- peda like debugger script for windbg/windbgx and mingw-gdb☆11Dec 31, 2021Updated 4 years ago