Collection of windows rootkits
☆29 · Jun 4, 2020 · Updated 5 years ago
Alternatives and similar repositories for awesome-windows-rootkits
Users that are interested in awesome-windows-rootkits are comparing it to the libraries listed below
- A CUSTOM CODED FUD DLL, CODED IN C, WHEN LOADED, VIA A DECOY WEB-DELIVERY MODULE (FIRING A DECOY PROGRAM), WILL GIVE A REVERSE SHELL (P… ☆35 · Jun 4, 2019 · Updated 6 years ago
- post exploitation: dll injection, process hollowing, RunPe, Keyloggers, UacByPass, PayloadEncryption etc. ☆14 · Aug 31, 2017 · Updated 8 years ago
- Kernel-space x86_64 Linux rootkit leveraging kprobes and ftrace for syscall hooking (hiding entries and reverse shell backdoor) ☆24 · Nov 20, 2025 · Updated 4 months ago
- An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites… ☆13 · Mar 25, 2023 · Updated 2 years ago
- DarkC0ders net is an open source botnet which is programmed in C#, using the .NET 2.0 Framework. ☆10 · Dec 1, 2019 · Updated 6 years ago
- Process injection via KernelCallbackTable ☆13 · Jan 28, 2022 · Updated 4 years ago
- ClipBanker Spy Trojan ☆11 · Sep 10, 2024 · Updated last year
- A dropper that decrypts encrypted xor payload and can inject it in explorer.exe process ☆10 · Aug 1, 2021 · Updated 4 years ago
- javascript botnet browser V3 based on Cloud 9 Botnet and my botnet browser chrome. capture any web site, virtual clavier, paypal, facebook… ☆10 · Sep 12, 2020 · Updated 5 years ago
- Hides processes from the windows task manager using IAT hooking. ☆22 · Mar 30, 2021 · Updated 4 years ago
- Malware persistence via COM DLL hijacking. C++ implementation example ☆13 · May 2, 2022 · Updated 3 years ago
- Malware Classification and Labelling using Deep Neural Networks ☆41 · Feb 1, 2020 · Updated 6 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial ☆16 · Jun 22, 2019 · Updated 6 years ago
- Incarcero is a tool that creates Virtual Machines (VMs) preconfigured with malware analysis tools and security settings tailored for malw… ☆92 · Nov 4, 2023 · Updated 2 years ago
- init ☆14 · Mar 16, 2020 · Updated 6 years ago
- Download a Bunch of Malware for Demos and Testing ☆13 · Sep 28, 2018 · Updated 7 years ago
- A program to steal user information through a simple link ☆15 · May 19, 2023 · Updated 2 years ago
- HTTP/HTTPS/DNS inspector (windows driver) ☆27 · Feb 20, 2019 · Updated 7 years ago
- ☆39 · Oct 29, 2020 · Updated 5 years ago
- Tracing and parsing an executing binary file ☆30 · Aug 7, 2015 · Updated 10 years ago
- Bootkits ☆19 · Sep 13, 2023 · Updated 2 years ago
- Decompile an x86 exe, and read PE infos. ☆19 · Sep 29, 2018 · Updated 7 years ago
- An LKM (Loadable Kernel Module) to execute a command as root; I include an example of using netcat and a compiled (with source and steps on… ☆16 · Oct 8, 2024 · Updated last year
- Malware samples for analysis, researchers, anti-virus and system protection testing. (5000+ Malware-samples!) ☆40 · Jul 30, 2022 · Updated 3 years ago
- RITlug website ☆14 · Mar 7, 2026 · Updated 2 weeks ago
- A collection of malware samples caught by DIONAEA Honeypot ☆11 · May 29, 2019 · Updated 6 years ago
- Windows x86 Hardware Breakpoint class for Windows >Vista ☆23 · Aug 7, 2016 · Updated 9 years ago
- A MirrorDriver with SharedMemory using EngMapFile ☆23 · Apr 2, 2020 · Updated 5 years ago
- Privilege Escalation training project, with an emphasis on the distinction between vulnerability research & its exposure and exploitatio… ☆35 · Nov 26, 2016 · Updated 9 years ago
- An IDA Pro plugin that sets up the addresses and structures for Cortex M series MCUs (currently stm32f2xx only) ☆15 · Dec 7, 2018 · Updated 7 years ago
- HTTP(S) directory/file brute forcer ☆21 · Feb 22, 2023 · Updated 3 years ago
- Very tiny and selective implementation of STL for Windows NT kernel mode drivers ☆18 · Jun 22, 2021 · Updated 4 years ago
- Fastly scans open ports on large networks and bruteforce login mechanism of found services ☆12 · Aug 24, 2019 · Updated 6 years ago
- A proof-of-concept Node.js ransomware ☆21 · Mar 27, 2022 · Updated 3 years ago
- This is a small script to make the local exploitation process easier. It downloads the precompiled exploit for x86 and x64 architectures … ☆31 · Aug 30, 2017 · Updated 8 years ago
- A collection of malware that we use for testing and training ☆12 · Nov 11, 2020 · Updated 5 years ago
- An example of PE hollowing injection technique ☆25 · Jun 28, 2019 · Updated 6 years ago
- Syringe allows the injection of code from a DLL into a process it started. ☆16 · Updated this week
- Manual PE image mapper ☆66 · Aug 29, 2013 · Updated 12 years ago