ExaTrack/Kdrill external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ExaTrack/Kdrill

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ExaTrack/Kdrill)

Close

ExaTrack / KdrillView on GitHubMore

• External links
• Readme badge

Python tool to check rootkits in Windows kernel

☆210Aug 20, 2025Updated 9 months ago

Alternatives and similar repositories for Kdrill

Users that are interested in Kdrill are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ANSSI-FR / orc2timeline

  View on GitHub
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Jun 27, 2025Updated 11 months ago
• klezVirus / DriverJack

  View on GitHub
  Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
  ☆360Aug 11, 2024Updated last year
• Diverto / IPPrintC2

  View on GitHub
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆153May 3, 2024Updated 2 years ago
• deepinstinct / ShimMe

  View on GitHub
  ☆146Oct 29, 2024Updated last year
• vxCrypt0r / Voidgate

  View on GitHub
  A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…
  ☆598Jun 12, 2024Updated last year
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV

  View on GitHub
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆293May 27, 2024Updated 2 years ago
• 0mWindyBug / RansomGuard

  View on GitHub
  anti-ransomware file-system filter
  ☆71Sep 3, 2024Updated last year
• zimnyaa / smbsocks

  View on GitHub
  A simple rpc2socks alternative in pure Go.
  ☆31Jul 8, 2024Updated last year
• outflanknl / edr-internals

  View on GitHub
  Tools for analyzing EDR agents
  ☆278Jun 10, 2024Updated 2 years ago
• daem0nc0re / VectorKernel

  View on GitHub
  PoCs for Kernelmode rootkit techniques research.
  ☆441Mar 25, 2026Updated 2 months ago
• joe-desimone / patriot

  View on GitHub
  ☆162Jul 31, 2022Updated 3 years ago
• d419h / IconJector

  View on GitHub
  Inject DLLs into the explorer process using icons
  ☆407May 18, 2025Updated last year
• ColeHouston / Sunder

  View on GitHub
  Windows rootkit designed to work with BYOVD exploits
  ☆221Jan 18, 2025Updated last year
• DualHorizon / blackpill

  View on GitHub
  A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs
  ☆341Feb 27, 2026Updated 3 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• trustedsec / VerifyELF

  View on GitHub
  ☆28May 6, 2024Updated 2 years ago
• 0xHossam / KernelCallbackTable-Injection-PoC

  View on GitHub
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆274Oct 31, 2024Updated last year
• eversinc33 / Banshee

  View on GitHub
  Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
  ☆604Aug 2, 2025Updated 10 months ago
• LETHAL-FORENSICS / MemProcFS-Analyzer

  View on GitHub
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆717May 2, 2026Updated last month
• floesen / KExecDD

  View on GitHub
  Admin to Kernel code execution using the KSecDD driver
  ☆269Apr 19, 2024Updated 2 years ago
• senzee1984 / EDRPrison

  View on GitHub
  Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
  ☆470Aug 2, 2024Updated last year
• fin3ss3g0d / StoneKeeper

  View on GitHub
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆209Dec 25, 2024Updated last year
• synacktiv / Invoke-RunAsWithCert

  View on GitHub
  A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
  ☆177May 13, 2024Updated 2 years ago
• helviojunior / hookchain

  View on GitHub
  HookChain: A new perspective for Bypassing EDR Solutions
  ☆604Jan 5, 2025Updated last year
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• Meckazin / ChromeKatz

  View on GitHub
  Dump cookies and credentials directly from Chrome/Edge process memory
  ☆1,462Apr 9, 2026Updated 2 months ago
• synacktiv / captaincredz

  View on GitHub
  CaptainCredz is a modular and discreet password-spraying tool.
  ☆136Updated this week
• BlackSnufkin / Invoke-DumpMDEConfig

  View on GitHub
  PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…
  ☆155Jun 10, 2024Updated 2 years ago
• decoder-it / DFSCoerce-exe-2

  View on GitHub
  DFSCoerce exe revisited version with custom authentication
  ☆43Jan 13, 2024Updated 2 years ago
• synacktiv / keebcap

  View on GitHub
  Win32 keylogger that supports all (non-ime using) languages correctly
  ☆54Dec 21, 2023Updated 2 years ago
• EgeBalci / deoptimizer

  View on GitHub
  Evasion by machine code de-optimization.
  ☆425Jul 22, 2024Updated last year
• k1nd0ne / VolWeb

  View on GitHub
  A centralized and enhanced memory analysis platform
  ☆524Mar 20, 2026Updated 2 months ago
• jonny-jhnson / ETWInspector

  View on GitHub
  ☆207May 10, 2026Updated 3 weeks ago
• zzhsec / NlsCodeInjectionThroughRegistry

  View on GitHub
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆16Jun 18, 2022Updated 3 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• cybersectroll / TrollDump

  View on GitHub
  ☆84May 19, 2024Updated 2 years ago
• thefLink / DeepSleep

  View on GitHub
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆377May 24, 2022Updated 4 years ago
• exploits-forsale / 24h2-nt-exploit

  View on GitHub
  Exploit targeting NT kernel in 24H2 Windows Insider Preview
  ☆154Apr 26, 2024Updated 2 years ago
• listinvest / undonut

  View on GitHub
  Unpacker for donut shellcode
  ☆22Jun 20, 2020Updated 5 years ago
• CICADA8-Research / MyMSIAnalyzer

  View on GitHub
  Analyse MSI files for vulnerabilities
  ☆143Aug 30, 2024Updated last year
• floesen / EventLogCrasher

  View on GitHub
  ☆188Jan 23, 2024Updated 2 years ago
• CICADA8-Research / Spyndicapped

  View on GitHub
  COM ViewLogger — new malware keylogging technique
  ☆406Jan 6, 2025Updated last year