MatheuZSecurity / RootkitLinks
Collection of codes focused on Linux rootkits
☆110 Updated 3 months ago
Alternatives and similar repositories for Rootkit
Users that are interested in Rootkit are comparing it to the libraries listed below
- Cheat sheet to detect and remove Linux kernel rootkit ☆60 Updated 5 months ago
- ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code. ☆109 Updated last month
- ModTracer finds hidden Linux kernel rootkits and then makes them visible again. ☆82 Updated 3 months ago
- Stage 0 ☆160 Updated 5 months ago
- Windows rootkit designed to work with BYOVD exploits ☆199 Updated 4 months ago
- A curated compilation of extensive resources dedicated to bootkit and rootkit development. ☆56 Updated last month
- Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis ☆56 Updated 8 months ago
- ☆68 Updated 4 months ago
- Command and Control (C2) framework ☆128 Updated 2 weeks ago
- Kernel callback removal (Bypassing EDR Detections) ☆166 Updated 2 months ago
- RunAs Utility Credential Stealer implementing 3 techniques: Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging ☆190 Updated 2 months ago
- Using the Counter Strike 1.6 RCON protocol as a C2 Channel. ☆79 Updated 3 months ago
- Nameless C2 - A C2 with all its components written in Rust ☆267 Updated 8 months ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac… ☆222 Updated 7 months ago
- CVE-2024-30090 - LPE PoC ☆107 Updated 7 months ago
- Early cascade injection PoC based on Outflank's blog post ☆217 Updated 6 months ago
- ☆155 Updated 5 months ago
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY ☆192 Updated last month
- SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce… ☆131 Updated 6 months ago
- Local & remote Windows DLL Proxying ☆164 Updated 11 months ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders … ☆103 Updated 2 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC. ☆99 Updated 3 weeks ago
- Payload encoding utility to effectively lower payload entropy. ☆116 Updated last month
- A powerful, modular, lightweight and efficient command & control framework written in Nim. ☆143 Updated last month
- ☆58 Updated 3 months ago
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows. ☆110 Updated 8 months ago
- The result of research and investigation of malware development tricks, techniques, evasion, cryptography and Linux malware ☆45 Updated 2 months ago
- Tools for analyzing EDR agents ☆228 Updated 11 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion) ☆182 Updated 3 months ago
- Sleep obfuscation ☆224 Updated 5 months ago