ArtemBaranov / WindowsRootkitsGuide
☆64 · Updated last month
Alternatives and similar repositories for WindowsRootkitsGuide:
Users that are interested in WindowsRootkitsGuide are comparing it to the libraries listed below
- Configuration Extractors for Malware ☆92 · Updated last month
- A CIA tradecraft technique to asynchronously detect when a process is created using WMI. ☆134 · Updated last year
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination… ☆141 · Updated 8 months ago
- Tools for analyzing EDR agents ☆221 · Updated 9 months ago
- Analyse MSI files for vulnerabilities ☆125 · Updated 6 months ago
- This project is an implant framework designed for long term persistent access to Windows machines. ☆110 · Updated last year
- This repository is meant to catalog network and host artifacts associated with various EDR products' "shell" and response functionalities. ☆76 · Updated 6 months ago
- APT hub: helps researchers collect information and data on the latest APT activities. It collects data on APT profiles, IOCs (1 yr), a… ☆48 · Updated last week
- Virus.xcheck is a Python tool designed to bulk verify the existence of file hashes in the Virus Exchange database and fetch download URLs… ☆52 · Updated 3 weeks ago
- Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis ☆50 · Updated 6 months ago
- Offensive Lua. ☆180 · Updated last year
- A Mythic Agent written in PIC C. ☆183 · Updated last month
- Python tool to check for rootkits in the Windows kernel ☆195 · Updated 3 weeks ago
- Lena's scripts/code/resources for malware analysis ☆25 · Updated 9 months ago
- Cheat sheet to detect and remove Linux kernel rootkits ☆52 · Updated 3 months ago
- Interactive Shell and Command Execution over Named Pipes (SMB) for fileless lateral movement ☆159 · Updated 3 months ago
- A collection of tools, scripts and personal research ☆127 · Updated 8 months ago
- A practical resource on using open-source tools for Incident Response. This repo shares workflows, tool setups, and steps for responding … ☆28 · Updated 4 months ago
- Evade EDRs the simple way, by not touching any of the APIs they hook. ☆89 · Updated last month
- Construct the payload at runtime using an array of offsets