Zerokit/GAPZ rootkit (non buildable and only for researching)
☆185Mar 30, 2019Updated 6 years ago
Alternatives and similar repositories for zerokit
Users that are interested in zerokit are comparing it to the libraries listed below
Sorting:
- Zerokit shared code☆17Mar 28, 2019Updated 6 years ago
- User-mode part of Zerokit platform☆22Mar 30, 2019Updated 6 years ago
- Analysis and Modification Tool for Executables☆17Mar 28, 2019Updated 6 years ago
- Public documents related to my talk "Bypass Windows Exploit Guard ASR" at Offensive Con 2019.☆94Feb 24, 2019Updated 7 years ago
- A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext☆53Apr 29, 2018Updated 7 years ago
- exploit termdd.sys(support kb4499175)☆61Jul 15, 2019Updated 6 years ago
- A novel technique to hide code from debuggers & disassemblers☆161Aug 9, 2024Updated last year
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆92May 23, 2019Updated 6 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆32Aug 7, 2019Updated 6 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆35Aug 3, 2018Updated 7 years ago
- idenLib - Library Function Identification [This project is not maintained anymore]☆395Mar 17, 2019Updated 7 years ago
- Process reimaging proof of concept code☆97Jun 21, 2019Updated 6 years ago
- Protects deletion of files with a specified extension using a kernel-mode driver.☆76Jul 16, 2018Updated 7 years ago
- ☆46Jun 14, 2018Updated 7 years ago
- Virtual Machine Introspection, Tracing & Debugging☆597Feb 22, 2022Updated 4 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆56Jul 8, 2022Updated 3 years ago
- makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]☆742Mar 17, 2019Updated 7 years ago
- Hyper-V Research is trendy now☆199May 6, 2024Updated last year
- Execute an arbitrary command within the context of another process☆21Jun 28, 2019Updated 6 years ago
- Local privilege escalation PoC exploit for CVE-2019-16098☆201Sep 13, 2019Updated 6 years ago
- ☆164May 18, 2018Updated 7 years ago
- Reverse engineered source code of the autochk rootkit☆210Nov 1, 2019Updated 6 years ago
- Diff tool for comparing symbols in PDB files☆84Mar 4, 2020Updated 6 years ago
- Simple 32/64-bit PEs loader.☆139Dec 19, 2018Updated 7 years ago
- Tool for injecting a "TCP Relay" managed assembly into unmanaged processes☆117May 23, 2019Updated 6 years ago
- Windows Drivers☆100Apr 6, 2019Updated 6 years ago
- AppXSvc Arbitrary File Security Descriptor Overwrite EoP☆20Sep 15, 2019Updated 6 years ago
- Kernel mode windows NT API logger☆22Sep 9, 2019Updated 6 years ago
- POC viruses I have created to demo some ideas☆59Apr 12, 2020Updated 5 years ago
- My repository to upload drivers from different books and all the information related to windows internals.☆163Aug 16, 2019Updated 6 years ago
- A project that aims to automatically devirtualize code that has been virtualized using x86virt☆127Dec 3, 2022Updated 3 years ago
- Stealthy backdoor for Windows operating systems☆284Feb 13, 2020Updated 6 years ago
- The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by W…☆406Apr 27, 2023Updated 2 years ago
- A more stealthy variant of "DLL hollowing"☆363Mar 8, 2024Updated 2 years ago
- A fully automatic CVE-2019-0841 bypass targeting all versions of Edge in Windows 10.☆59Jun 11, 2019Updated 6 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆437Aug 22, 2018Updated 7 years ago
- PoC for CVE-2019-0888 - Use-After-Free in Windows ActiveX Data Objects (ADO)☆40Jul 9, 2019Updated 6 years ago
- PoC designed to evade userland-hooking anti-virus.☆90May 15, 2019Updated 6 years ago
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆446Oct 26, 2022Updated 3 years ago