Alternatives and similar repositories for awesome-windows-rootkits

Users that are interested in awesome-windows-rootkits are comparing it to the libraries listed below

• hakanonymos / browser-javascript-botnet-cloud

  View on GitHub
  javascript botnet browser V3 based one Cloud 9 Botnet and my botnet browser chrome. capture any web site,virtual clavier ,paypal,facebook…
  ☆10Sep 12, 2020Updated 5 years ago
• cocomelonc / 2022-05-02-malware-pers-3

  View on GitHub
  Malware persistence via COM DLL hijacking. C++ implementation example
  ☆13May 2, 2022Updated 3 years ago
• Bricktech2000 / WebInfo

  View on GitHub
  A program to steal user information through a simple link
  ☆14May 19, 2023Updated 2 years ago
• Archx0Mas / Dropper-Sektor7-Testing

  View on GitHub
  A dropper that decrypts encrypted xor payload and can inject it in explorer.exe proccess
  ☆10Aug 1, 2021Updated 4 years ago
• paulveillard / cybersecurity-malware

  View on GitHub
  An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites…
  ☆13Mar 25, 2023Updated 2 years ago
• Phobos-developers / SyringeEx

  View on GitHub
  Syringe allows the injection of code from a DLL into a process it started.
  ☆16Dec 12, 2025Updated 2 months ago
• cocomelonc / 2022-01-24-malware-injection-15

  View on GitHub
  Process injection via KernelCallbackTable
  ☆13Jan 28, 2022Updated 4 years ago
• stef / idapro-cortex-m-hwregs

  View on GitHub
  An IDA Pro plugin that sets up the addresses and structures for Cortex M series MCUs (currently stm32f2xx only)
  ☆15Dec 7, 2018Updated 7 years ago
• lubiekomputer / ClipBanker

  View on GitHub
  ClipBanker Spy Trojan
  ☆11Sep 10, 2024Updated last year
• KelvinMsft / Perfvisor

  View on GitHub
  init
  ☆14Mar 16, 2020Updated 5 years ago
• RIscRIpt / ntl

  View on GitHub
  Very tiny and selective implementation of STL for Windows NT kernel mode drivers
  ☆18Jun 22, 2021Updated 4 years ago
• Jeffry38 / Skynet-Botnet

  View on GitHub
  A Build Your Own Botnet Project Build For People Who Wanna Hijack Peoples Computers And Control Them With Over 300 Features!
  ☆14Jun 2, 2019Updated 6 years ago
• loneicewolf / EXEC_LKM

  View on GitHub
  A LKM (Loadable Kernel Module) to execute a command as root; I include a example of using netcat and a compiled(with source and steps on…
  ☆16Oct 8, 2024Updated last year
• 1captainnemo1 / DLLREVERSESHELL

  View on GitHub
  A CUSTOM CODED FUD DLL, CODED IN C , WHEN LOADED , VIA A DECOY WEB-DELIVERY MODULE( FIRING A DECOY PROGRAM), WILL GIVE A REVERSE SHELL (P…
  ☆33Jun 4, 2019Updated 6 years ago
• hashXploiter / darkcoders-net

  View on GitHub
  DarkC0ders net is a open source botnet which is programmed in C#, using the .NET 2.0 Framework.
  ☆10Dec 1, 2019Updated 6 years ago
• KelvinMsft / UsbMon

  View on GitHub
  ☆39Oct 29, 2020Updated 5 years ago
• tsarpaul / WinRpcTutorial

  View on GitHub
  A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial
  ☆16Jun 22, 2019Updated 6 years ago
• NeoMaster831 / rwDriver

  View on GitHub
  Executes Read/Write process memory with `NtQueryCompositionSurfaceStatistics`
  ☆23Feb 10, 2024Updated 2 years ago
• Qfrost911 / KACE

  View on GitHub
  Emulate Drivers in RING3 with self context mapping or unicorn
  ☆21Jan 1, 2025Updated last year
• EngineOwningSoftware / HWBRK

  View on GitHub
  Windows x86 Hardware Breakpoint class for Windows >Vista
  ☆23Aug 7, 2016Updated 9 years ago
• killvxk / awesome-bootkit

  View on GitHub
  Bootkits
  ☆19Sep 13, 2023Updated 2 years ago
• 0x36 / BinTrace

  View on GitHub
  Tracing and parsing an executing binary file
  ☆29Aug 7, 2015Updated 10 years ago
• NYAN-x-CAT / Lime-Registry-DB

  View on GitHub
  Simple way to read wirte delete values from registry
  ☆18Jun 24, 2019Updated 6 years ago
• stuxnet147 / Win-Kernel-PiDqSerializationWrite-Example

  View on GitHub
  How to use PiDqSerializationWrite. Introduces how to safely read and write from mapped driver
  ☆26May 29, 2023Updated 2 years ago
• jiazhang0 / SELoader

  View on GitHub
  Secure EFI Loader designed to authenticate the non-PE files
  ☆48Nov 3, 2022Updated 3 years ago
• puniaze / dirs3arch

  View on GitHub
  HTTP(S) directory/file brute forcer
  ☆21Feb 22, 2023Updated 2 years ago
• lion001am / Condi-Mirai

  View on GitHub
  layer7 mirai private layer4 ovh bypass nfo bypass
  ☆43Aug 11, 2022Updated 3 years ago
• fengjixuchui / CodaPinTracer

  View on GitHub
  Lightweight WINAPI tracing with Pin
  ☆27Aug 22, 2019Updated 6 years ago
• mobking33 / Translock-for-iPhone-4-digit-passcode-cracking-

  View on GitHub
  A library that injects into SpringBoard and bruteforce the 4-digit lockscreen pin.
  ☆10Mar 24, 2015Updated 10 years ago
• d35ha / RunPE

  View on GitHub
  An example of PE hollowing injection technique
  ☆25Jun 28, 2019Updated 6 years ago
• edxsh / CVE-2019-5782_CVE-2019-13768

  View on GitHub
  Full chain Chrome 71.0.3578.98 exploit
  ☆22Jul 18, 2021Updated 4 years ago
• MMitsuha / Locker

  View on GitHub
  Bypass anti-virus with various method
  ☆34Sep 23, 2023Updated 2 years ago
• proxytype / Hide-FS

  View on GitHub
  Inject dll to explorer.exe and hide file from process.
  ☆23Apr 24, 2021Updated 4 years ago
• guidoreina / http_inspect

  View on GitHub
  HTTP/HTTPS/DNS inspector (windows driver)
  ☆27Feb 20, 2019Updated 6 years ago
• fengjixuchui / SharedMemory-By-Frankoo

  View on GitHub
  Kernel driver that uses Shared memory to communicate with UserMode
  ☆88Apr 25, 2019Updated 6 years ago
• SunnyKi / bareBoot

  View on GitHub
  Bare Boot. EFI bootloader for Mac OS, Windows, Linux etc
  ☆57Dec 18, 2019Updated 6 years ago
• EL-MTN / Ransomware

  View on GitHub
  A proof-of-concept Node.js ransomware
  ☆21Mar 27, 2022Updated 3 years ago
• XShar / Super_Hide_String

  View on GitHub
  Скрытие строки от отладчиков и декомпиляторов
  ☆51Oct 16, 2019Updated 6 years ago
• egtra / ndiscap-packet

  View on GitHub
  Windows ndiscap.sys adapter for WinPcap applications
  ☆27Jun 26, 2016Updated 9 years ago