Collection of windows rootkits
☆29Jun 4, 2020Updated 5 years ago
Alternatives and similar repositories for awesome-windows-rootkits
Users that are interested in awesome-windows-rootkits are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A CUSTOM CODED FUD DLL, CODED IN C , WHEN LOADED , VIA A DECOY WEB-DELIVERY MODULE( FIRING A DECOY PROGRAM), WILL GIVE A REVERSE SHELL (P…☆34Jun 4, 2019Updated 6 years ago
- Kernel-space x86_64 Linux rootkit leveraging kprobes and ftrace for syscall hooking (hiding entries and reverse shell backdoor)☆25Nov 20, 2025Updated 5 months ago
- An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites…☆11Mar 25, 2023Updated 3 years ago
- DarkC0ders net is a open source botnet which is programmed in C#, using the .NET 2.0 Framework.☆10Dec 1, 2019Updated 6 years ago
- Process injection via KernelCallbackTable☆13Jan 28, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ClipBanker Spy Trojan☆11Sep 10, 2024Updated last year
- Hides processes from the windows task manager using IAT hooking.☆22Mar 30, 2021Updated 5 years ago
- layer7 mirai private layer4 ovh bypass nfo bypass☆45Aug 11, 2022Updated 3 years ago
- Thefatrat a massive exploiting tool revealed >> An easy tool to generate backdoor and easy tool to post exploitation attack like browser …☆10Jun 6, 2022Updated 3 years ago
- Malware persistence via COM DLL hijacking. C++ implementation example☆13May 2, 2022Updated 3 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Jun 22, 2019Updated 6 years ago
- Incarcero is a tool that creates Virtual Machines (VMs) preconfigured with malware analysis tools and security settings tailored for malw…☆92Nov 4, 2023Updated 2 years ago
- init☆14Mar 16, 2020Updated 6 years ago
- Download a Bunch of Malware for Demos and Testing☆13Sep 28, 2018Updated 7 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A program to steal user information through a simple link☆13May 19, 2023Updated 2 years ago
- HTTP/HTTPS/DNS inspector (windows driver)☆25Feb 20, 2019Updated 7 years ago
- ☆39Oct 29, 2020Updated 5 years ago
- Tracing and parsing an executing binary file☆30Aug 7, 2015Updated 10 years ago
- Bootkits☆19Sep 13, 2023Updated 2 years ago
- Decompile an x86 exe, and read PE infos.☆19Sep 29, 2018Updated 7 years ago
- A LKM (Loadable Kernel Module) to execute a command as root; I include a example of using netcat and a compiled(with source and steps on…☆16Oct 8, 2024Updated last year
- Malware samples for analysis, researchers, anti-virus and system protection testing.(5000+ Malware-samples!)☆41Jul 30, 2022Updated 3 years ago
- A collection of malware samples caught by DIONAEA Honeypot☆12May 29, 2019Updated 6 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Windows x86 Hardware Breakpoint class for Windows >Vista☆23Aug 7, 2016Updated 9 years ago
- Privilege Escilation training project, with an emphasis on the distinction between vulnerability research & it's exposure and exploitatio…☆35Nov 26, 2016Updated 9 years ago
- An IDA Pro plugin that sets up the addresses and structures for Cortex M series MCUs (currently stm32f2xx only)☆15Dec 7, 2018Updated 7 years ago
- HTTP(S) directory/file brute forcer☆21Feb 22, 2023Updated 3 years ago
- Very tiny and selective implementation of STL for Windows NT kernel mode drivers☆18Jun 22, 2021Updated 4 years ago
- A Mirai type botnet called "Meerkat" very known in the community. Methods include basic TCP flags, L7, OVH, UDPRAW & UDP, XMAS, STD, & GR…☆23Aug 21, 2022Updated 3 years ago
- Fastly scans open ports on large networks and bruteforce login mechanism of found services☆12Aug 24, 2019Updated 6 years ago
- A proof-of-concept Node.js ransomware☆20Mar 27, 2022Updated 4 years ago
- A collection of malware that we use for testing and training☆12Nov 11, 2020Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- An example of PE hollowing injection technique☆25Jun 28, 2019Updated 6 years ago
- Syringe allows the injection of code from a DLL into a process it started.☆17Apr 19, 2026Updated last week
- Manual PE image mapper☆65Aug 29, 2013Updated 12 years ago
- ☆513Nov 21, 2020Updated 5 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆21Jan 1, 2025Updated last year
- Ftrace Based Linux Loadable Kernel Module Rootkit for Linux Kernel 5.x up to linux kernel 6.2 on x86_64, hides files, hides process, hide…☆37Feb 4, 2026Updated 2 months ago
- ⚠️ Collection of malicious file ⚠️☆13May 5, 2021Updated 4 years ago