ExaTrack/Kdrill external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ExaTrack/Kdrill

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ExaTrack/Kdrill)

Close

ExaTrack / KdrillView on GitHubMore

• External links
• Readme badge

Python tool to check rootkits in Windows kernel

☆209Aug 20, 2025Updated 7 months ago

Alternatives and similar repositories for Kdrill

Users that are interested in Kdrill are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ANSSI-FR / orc2timeline

  View on GitHub
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Jun 27, 2025Updated 9 months ago
• klezVirus / DriverJack

  View on GitHub
  Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
  ☆361Aug 11, 2024Updated last year
• Diverto / IPPrintC2

  View on GitHub
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆151May 3, 2024Updated last year
• deepinstinct / ShimMe

  View on GitHub
  ☆147Oct 29, 2024Updated last year
• vxCrypt0r / Voidgate

  View on GitHub
  A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…
  ☆593Jun 12, 2024Updated last year
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV

  View on GitHub
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆291May 27, 2024Updated last year
• 0mWindyBug / RansomGuard

  View on GitHub
  anti-ransomware file-system filter
  ☆69Sep 3, 2024Updated last year
• zimnyaa / smbsocks

  View on GitHub
  A simple rpc2socks alternative in pure Go.
  ☆31Jul 8, 2024Updated last year
• outflanknl / edr-internals

  View on GitHub
  Tools for analyzing EDR agents
  ☆278Jun 10, 2024Updated last year
• daem0nc0re / VectorKernel

  View on GitHub
  PoCs for Kernelmode rootkit techniques research.
  ☆436Mar 25, 2026Updated 2 weeks ago
• joe-desimone / patriot

  View on GitHub
  ☆157Jul 31, 2022Updated 3 years ago
• d419h / IconJector

  View on GitHub
  Inject DLLs into the explorer process using icons
  ☆407May 18, 2025Updated 10 months ago
• ColeHouston / Sunder

  View on GitHub
  Windows rootkit designed to work with BYOVD exploits
  ☆218Jan 18, 2025Updated last year
• DualHorizon / blackpill

  View on GitHub
  A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs
  ☆338Feb 27, 2026Updated last month
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• trustedsec / VerifyELF

  View on GitHub
  ☆27May 6, 2024Updated last year
• 0xHossam / KernelCallbackTable-Injection-PoC

  View on GitHub
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆273Oct 31, 2024Updated last year
• LETHAL-FORENSICS / MemProcFS-Analyzer

  View on GitHub
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆702Oct 22, 2025Updated 5 months ago
• eversinc33 / Banshee

  View on GitHub
  Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
  ☆594Aug 2, 2025Updated 8 months ago
• floesen / KExecDD

  View on GitHub
  Admin to Kernel code execution using the KSecDD driver
  ☆264Apr 19, 2024Updated last year
• fin3ss3g0d / StoneKeeper

  View on GitHub
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆209Dec 25, 2024Updated last year
• senzee1984 / EDRPrison

  View on GitHub
  Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
  ☆462Aug 2, 2024Updated last year
• synacktiv / Invoke-RunAsWithCert

  View on GitHub
  A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
  ☆175May 13, 2024Updated last year
• helviojunior / hookchain

  View on GitHub
  HookChain: A new perspective for Bypassing EDR Solutions
  ☆595Jan 5, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• Meckazin / ChromeKatz

  View on GitHub
  Dump cookies and credentials directly from Chrome/Edge process memory
  ☆1,430Updated this week
• synacktiv / captaincredz

  View on GitHub
  CaptainCredz is a modular and discreet password-spraying tool.
  ☆134Jul 22, 2025Updated 8 months ago
• BlackSnufkin / Invoke-DumpMDEConfig

  View on GitHub
  PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…
  ☆155Jun 10, 2024Updated last year
• decoder-it / DFSCoerce-exe-2

  View on GitHub
  DFSCoerce exe revisited version with custom authentication
  ☆43Jan 13, 2024Updated 2 years ago
• synacktiv / keebcap

  View on GitHub
  Win32 keylogger that supports all (non-ime using) languages correctly
  ☆53Dec 21, 2023Updated 2 years ago
• EgeBalci / deoptimizer

  View on GitHub
  Evasion by machine code de-optimization.
  ☆423Jul 22, 2024Updated last year
• jonny-jhnson / ETWInspector

  View on GitHub
  ☆183Apr 24, 2025Updated 11 months ago
• k1nd0ne / VolWeb

  View on GitHub
  A centralized and enhanced memory analysis platform
  ☆524Mar 20, 2026Updated 2 weeks ago
• zzhsec / NlsCodeInjectionThroughRegistry

  View on GitHub
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆16Jun 18, 2022Updated 3 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• cybersectroll / TrollDump

  View on GitHub
  ☆84May 19, 2024Updated last year
• exploits-forsale / 24h2-nt-exploit

  View on GitHub
  Exploit targeting NT kernel in 24H2 Windows Insider Preview
  ☆152Apr 26, 2024Updated last year
• thefLink / DeepSleep

  View on GitHub
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆378May 24, 2022Updated 3 years ago
• listinvest / undonut

  View on GitHub
  Unpacker for donut shellcode
  ☆21Jun 20, 2020Updated 5 years ago
• dobin / RedEdr

  View on GitHub
  Collect Windows telemetry for Maldev
  ☆467Jan 30, 2026Updated 2 months ago
• CICADA8-Research / MyMSIAnalyzer

  View on GitHub
  Analyse MSI files for vulnerabilities
  ☆142Aug 30, 2024Updated last year
• floesen / EventLogCrasher

  View on GitHub
  ☆188Jan 23, 2024Updated 2 years ago