Alternatives and similar repositories for detect-lkm-rootkit-cheatsheet:

Users that are interested in detect-lkm-rootkit-cheatsheet are comparing it to the libraries listed below

• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆98Updated last year
• eric-conrad / c2-talk
  ☆37Updated last year
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆53Updated 3 months ago
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆51Updated 2 months ago
• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆26Updated 10 months ago
• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆97Updated last month
• MatheuZSecurity / Rootkit
  Collection of codes focused on Linux rootkits
  ☆107Updated 2 months ago
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆78Updated 8 months ago
• lasq88 / MalwareAnalysis
  Malware Analysis tools
  ☆26Updated 7 months ago
• hasherezade / flareon2024
  ☆37Updated 4 months ago
• pygrum / monarch
  Monarch - The Adversary Emulation Toolkit
  ☆62Updated 4 months ago
• OtterHacker / Hooker
  ☆105Updated 6 months ago
• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆16Updated 4 months ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Updated last month
• VirtualSamuraii / flyphish
  Deploy a phishing infrastructure on the fly.
  ☆68Updated 4 months ago
• jaredcatkinson / MalwareMorphology
  ☆80Updated 5 months ago
• wetw0rk / wetw0rk.github.io
  ☆18Updated last month
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆164Updated 10 months ago
• BC-SECURITY / ScriptBlock-Smuggling
  Example code samples from our ScriptBlock Smuggling Blog post
  ☆90Updated 10 months ago
• sidaf / moonshine
  ☆69Updated last year
• sensepost / mydumbedr
  ☆119Updated last year
• rad9800 / FileRenameJunctionsEDRDisable
  ☆154Updated 4 months ago
• redr0nin / Agentic-Flow-Corruption-Attacks
  A red teaming attack paradigm against AI Agents
  ☆29Updated last month
• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆36Updated 2 months ago
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆92Updated last week
• SafeBreach-Labs / CortexVortex
  ☆77Updated last year
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆50Updated 5 months ago
• yo-yo-yo-jbo / injection_and_hooking_intro
  ☆38Updated 2 years ago
• OmriBaso / BesoToken
  A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions).
  ☆93Updated 2 years ago
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆73Updated 4 months ago