Alternatives and similar repositories for detect-lkm-rootkit-cheatsheet:

Users that are interested in detect-lkm-rootkit-cheatsheet are comparing it to the libraries listed below

• MatheuZSecurity / Rootkit
  Collection of codes focused on Linux rootkits
  ☆84Updated 3 weeks ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆81Updated last year
• wetw0rk / wetw0rk.github.io
  ☆18Updated last week
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆71Updated last month
• 0x4141414141 / Malware-Devlopment
  Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C
  ☆39Updated 5 years ago
• airbus-cert / minusone
  Powershell Linter
  ☆50Updated 2 weeks ago
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆96Updated 10 months ago
• Karkas66 / CelestialSpark
  A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust
  ☆83Updated 10 months ago
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆162Updated 8 months ago
• FuzzySecurity / BHUSA-2023
  ☆105Updated 7 months ago
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆47Updated last month
• hasherezade / flareon2024
  ☆35Updated 2 months ago
• OtterHacker / Hooker
  ☆103Updated 3 months ago
• FarghlyMal / Config-Extractors
  ☆25Updated 2 months ago
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆102Updated 5 months ago
• yo-yo-yo-jbo / injection_and_hooking_intro
  ☆38Updated last year
• outflanknl / edr-internals
  Tools for analyzing EDR agents
  ☆220Updated 8 months ago
• naacbin / CovenantDecryptor
  ☆20Updated last year
• fin3ss3g0d / NativeThreadpool
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆85Updated last year
• sensepost / mydumbedr
  ☆112Updated last year
• 20urc3 / Aplos
  Aplos an extremely simple fuzzer for Windows binaries.
  ☆68Updated this week
• CICADA8-Research / MyMSIAnalyzer
  Analyse MSI files for vulnerabilities
  ☆124Updated 5 months ago
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆141Updated 6 months ago
• antonioCoco / infosec-talks
  ☆48Updated last year
• rad9800 / FileRenameJunctionsEDRDisable
  ☆143Updated 2 months ago
• ArtemBaranov / WindowsRootkitsGuide
  ☆63Updated 3 weeks ago
• Evi1Grey5 / Recursive-Loader
  Recursive Loader
  ☆101Updated 4 months ago
• sec-consult / msiscan
  Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
  ☆112Updated 5 months ago