This repository contains Loadable Kernel Modules (LKM) and LD_PRELOAD-based modules designed for penetration testing, red teaming, and security research. These tools enable advanced techniques like process hiding, syscall hooking, and runtime application manipulation.
☆13Feb 15, 2025Updated last year
Alternatives and similar repositories for RootKit
Users that are interested in RootKit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A collection of FreeBSD rootkit kernel modules and utilities☆13Jun 25, 2025Updated 10 months ago
- Tools for attacking Computer Use Agents☆31Jan 16, 2026Updated 4 months ago
- Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection☆10Feb 26, 2025Updated last year
- Collection of codes focused on Linux rootkits☆212Oct 22, 2025Updated 6 months ago
- Super performant RAG pipeline for AI apps.☆17Mar 10, 2024Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion☆30Jul 21, 2025Updated 10 months ago
- One-header configurable C++20 COFF loader☆20Jul 21, 2025Updated 10 months ago
- Certipy in Docker☆13Mar 28, 2024Updated 2 years ago
- Hi, guys. In this repo, i'll be posting resources related to different categories of CTF challenges.☆32Nov 5, 2025Updated 6 months ago
- ☆26Dec 31, 2025Updated 4 months ago
- All WriteUps and Flags of TryHackMe☆11Nov 24, 2020Updated 5 years ago
- ASPX ShellCode Loader☆54Jan 27, 2024Updated 2 years ago
- iPhoneTracker port to Linux☆18Apr 22, 2011Updated 15 years ago
- Wisper helps to maintain access to windows machine and have some other cool features like UAC Disable,Firewall Disable,Dumping Credential…☆15Apr 3, 2021Updated 5 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A malware researching repository.☆20Aug 10, 2021Updated 4 years ago
- My dotfiles for Linux boxes☆58Updated this week
- Event Tracing for Windows EDR bypass in Rust (usermode)☆40Jun 9, 2024Updated last year
- reverse proxy server☆19Jul 7, 2016Updated 9 years ago
- Official MCSR Ranked Wiki Page with VitePress☆18Updated this week
- Short Python script for parsing Defender VDM signature files.☆10Sep 22, 2024Updated last year
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- A tool that bypasses Windows Defender by manually loading DLLs, parsing EAT directly, and updating IAT with unhooked functions to run M…☆21Jul 14, 2024Updated last year
- ShellcodeFluctuation PoC ported to Nim☆79Oct 14, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Windows Shell Link (LNK) Proof of Concept☆16Jul 19, 2025Updated 10 months ago
- Tamper Active Directory user attributes to collect their hashes with MS-SNTP☆65Jan 21, 2025Updated last year
- Exploit systems using older WinRAR without knowing their username (unlike other projects)☆36Aug 17, 2025Updated 9 months ago
- Draugnet is a lightweight, open-source tool for anonymous cyber threat reporting. Built for the MISP ecosystem, it lets users submit and …☆20Mar 24, 2026Updated last month
- A Rust-based dropper for shellcode payloads.☆72Mar 21, 2025Updated last year
- 使用kcp实现的socks5正向代理☆12Dec 9, 2023Updated 2 years ago
- My POC implementation of HVNC (Hidden VNC / Hidden Desktop)☆28Dec 30, 2024Updated last year
- ☆26Aug 11, 2025Updated 9 months ago
- C# DInvoke Shellcode Runner☆31Feb 10, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Signature finder (from PE-bear)☆40Aug 25, 2025Updated 8 months ago
- Transfer file over Dns☆10Nov 26, 2024Updated last year
- A ring0 Loadable Kernel Module (Linux) to log all commnds run on the system.☆17Sep 30, 2025Updated 7 months ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆65Apr 2, 2025Updated last year
- Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability☆24Feb 5, 2025Updated last year
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Jun 5, 2023Updated 2 years ago
- peda like debugger script for windbg/windbgx and mingw-gdb☆11Dec 31, 2021Updated 4 years ago