0xd3xt3r / awesome-windows-rootkits
Collection of Windows rootkits
☆26 · Updated 4 years ago
Alternatives and similar repositories for awesome-windows-rootkits:
Users that are interested in awesome-windows-rootkits are comparing it to the libraries listed below
- Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years. ☆64 · Updated 7 years ago
- APT, Cyber warfare, Penetration testing, Zero-day, Exploiting, Fuzzing, Privilege-Escalation, browser-security, Spyware, Malware evade… ☆35 · Updated 6 years ago
- Parser for a custom executable format from Hidden Bee malware (first stage) ☆43 · Updated 7 months ago
- Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes. ☆66 · Updated 3 years ago
- Gozi-MBR-rootkit Bootkit Modified ☆67 · Updated 8 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell. ☆71 · Updated 3 years ago
- Rekall Memory Forensic Framework ☆32 · Updated 5 years ago
- Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers. ☆48 · Updated 4 years ago
- NT AUTHORITY\SYSTEM ☆39 · Updated 4 years ago
- 2022 Updated Kernelmode-Code ☆31 · Updated last year
- A summary about different projects/presentations/tools to test how to evade malware sandbox systems ☆51 · Updated 6 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast … ☆39 · Updated 5 years ago
- Fileless persistence, attacks and anti-forensic capabilities. ☆91 · Updated 6 years ago
- PoC designed to evade userland-hooking anti-virus. ☆88 · Updated 5 years ago
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples ☆70 · Updated 3 years ago
- This repo contains all the code that will be referred at https://scriptdotsh.com by Paranoid Ninja ☆46 · Updated 4 years ago
- -x-x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x-x- An ELF virus capable of generating segment padded trojans. ☆43 · Updated 3 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv. ☆19 · Updated 7 years ago
- Kernel mode Windows NT API logger ☆22 · Updated 5 years ago
- My collection of unpackers for malware packers/crypters ☆28 · Updated 7 years ago
- A simple rootkit to hide a process ☆46 · Updated 11 years ago
- Variety of different process injections implemented in C++ ☆25 · Updated 3 years ago
- A curated list of awesome Windows Exploitation resources, and shiny things. Inspired by awesom ☆68 · Updated 5 years ago
- Kernel-Mode rootkit that connects to a remote server to send & recv commands ☆31 · Updated 6 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment ☆121 · Updated 4 years ago
- A kernel rootkit with remote command and control interface for Windows ☆108 · Updated 7 years ago