Jokas-null / Windows_RootKit
A windows kernel-mode rootkit with remote control
☆12Updated 2 years ago
Alternatives and similar repositories for Windows_RootKit:
Users that are interested in Windows_RootKit are comparing it to the libraries listed below
- Process injection via KernelCallbackTable☆14Updated 3 years ago
- Malware persistence via COM DLL hijacking. C++ implementation example☆14Updated 2 years ago
- Classic DLL injection. Download dll from url and inject. Simple C++ implementation☆10Updated 2 years ago
- Utilizing Alternative Shellcode Execution Via Callbacks☆13Updated last year
- using the Recycle Bin to insure persistence☆12Updated 2 years ago
- Basic disassembly technique to slow down disasm process☆10Updated 5 years ago
- A dropper that decrypts encrypted xor payload and can inject it in explorer.exe proccess☆9Updated 3 years ago
- Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example☆17Updated 3 years ago
- Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules.☆18Updated 2 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆15Updated 6 years ago
- Just another casual shellcode native loader☆24Updated 3 years ago
- Infects PE files with a shellcode☆18Updated 6 years ago
- Run shellcode via EnumDesktopsA. C++ implementation☆13Updated 2 years ago
- A custom run space to bypass AMSI and Constrained Language mode in PowerShell.☆19Updated last year
- DarkRats Standalone HVNC☆24Updated 2 years ago
- Multipurpose malware framework☆23Updated 3 years ago
- With this RunPE you can easily inject your payload in any x86 or x64 program.☆13Updated 5 years ago
- A CUSTOM CODED FUD DLL, CODED IN C , WHEN LOADED , VIA A DECOY WEB-DELIVERY MODULE( FIRING A DECOY PROGRAM), WILL GIVE A REVERSE SHELL (P…☆34Updated 5 years ago
- ollvm, based on llvm-clang 5.0.2, 6.0.1, 7.0.1, 8.0, 9.0, 9.0.1☆19Updated 2 years ago
- ExplorerUACStealer it's a malware that steal credentials provided by users in UAC Auth in explorer using API Hooking with Detours in C++…☆15Updated last year
- Manually perform syscalls without going through any external API or DLL.☆18Updated last year
- ☆12Updated 4 years ago
- My Own VirtualAlloc Implementation to use as alternative unknown for all the defense solutions of VirtualAlloc Win32 API Function☆8Updated last year
- JALSI - Just Another Lame Shellcode Injector☆30Updated 3 years ago
- Listing UDP connections with remote address without sniffing.☆30Updated last year
- Hooking Heavens Gate in a weekend☆13Updated 3 years ago
- 64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"☆38Updated 3 years ago
- Bypass UAC by abusing shell protocol handlers☆14Updated 3 years ago
- Collection of shellcode injection and execution techniques☆16Updated 3 years ago
- Lightweight Threat Detection System - (Base)☆14Updated 11 months ago