Alternatives and similar repositories for RootKit

Users that are interested in RootKit are comparing it to the libraries listed below

• kr0tt / EarlyExceptionHandling
  Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH
  ☆132Updated 3 months ago
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆44Updated last year
• MatheuZSecurity / ElfDoor-gcc
  ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.
  ☆132Updated 7 months ago
• OtterHacker / Hooker
  ☆108Updated last year
• winterknife / SILVERPICK
  Windows User-Mode Shellcode Development Framework (WUMSDF)
  ☆117Updated 3 weeks ago
• eversinc33 / 1.6-C2
  Using the Counter Strike 1.6 RCON protocol as a C2 Channel.
  ☆87Updated 9 months ago
• hdks-bug / hermit
  A command and control framework.
  ☆54Updated 11 months ago
• whokilleddb / function-collections
  A collection of PoCs to do common things in unconventional ways
  ☆118Updated 3 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆99Updated last year
• rad9800 / talks
  ☆61Updated 7 months ago
• silentwarble / Hannibal
  Mythic C2 Agent written in x64 PIC C
  ☆83Updated 10 months ago
• deepinstinct / ShimMe
  ☆146Updated last year
• 0xf00sec / Aether
  Self-mutating macOS implant
  ☆101Updated last week
• Maldev-Academy / TrapFlagForSyscalling
  Bypass user-land hooks by syscall tampering via the Trap Flag
  ☆135Updated 3 months ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆102Updated 8 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆117Updated 6 months ago
• hdks-bug / redteam-techniques
  Collection of red team techniques.
  ☆63Updated 7 months ago
• 0xTriboulet / T-1
  T-1 is a shellcode loader that leverages ML techniques to detect VM environments
  ☆35Updated last year
• kyleavery / pendulum
  Linux Sleep Obfuscation
  ☆106Updated last year
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆74Updated last year
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆51Updated last year
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated 2 years ago
• pulpocaminante / PPL-0day
  Demoting PPL anti-malware services to less than a guest user
  ☆64Updated 10 months ago
• Cracked5pider / CodeCave
  A bunch of scripts and code i wrote.
  ☆144Updated last year
• silentwarble / PIC-Library
  A collection of position independent coding resources
  ☆100Updated 3 weeks ago
• rbmm / SC
  shell code example
  ☆63Updated last month
• x0reaxeax / PageSplit
  Splitting and executing shellcode across multiple pages
  ☆103Updated 2 years ago
• 0xJs / EnumMitigations
  Reports on Driver, LSASS and other security services mitigations
  ☆31Updated 3 months ago
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆60Updated 10 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆54Updated 6 months ago