Alternatives and similar repositories for detect-lkm-rootkit-cheatsheet:

Users that are interested in detect-lkm-rootkit-cheatsheet are comparing it to the libraries listed below

• MatheuZSecurity / Rootkit
  Collection of codes focused on Linux rootkits
  ☆92Updated 3 weeks ago
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆96Updated 11 months ago
• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆14Updated 2 months ago
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆76Updated 6 months ago
• fin3ss3g0d / StoneKeeper
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆194Updated 3 months ago
• wetw0rk / wetw0rk.github.io
  ☆18Updated last week
• sensepost / mydumbedr
  ☆114Updated last year
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆141Updated 8 months ago
• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆90Updated 2 weeks ago
• hasherezade / flareon2024
  ☆35Updated 3 months ago
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆162Updated 9 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆54Updated last month
• eric-conrad / c2-talk
  ☆37Updated 11 months ago
• OtterHacker / Hooker
  ☆103Updated 4 months ago
• ChaitanyaHaritash / IllusiveFog
  Windows Administrator level Implant.
  ☆49Updated 5 months ago
• 20urc3 / Aplos
  Aplos an extremely simple fuzzer for Windows binaries.
  ☆68Updated last month
• fin3ss3g0d / NativeThreadpool
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆86Updated last year
• 0x4141414141 / Malware-Devlopment
  Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C
  ☆39Updated 5 years ago
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆105Updated 5 months ago
• CICADA8-Research / MyMSIAnalyzer
  Analyse MSI files for vulnerabilities
  ☆127Updated 6 months ago
• DarkSpaceSecurity / RunAs-Stealer
  RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
  ☆160Updated 2 weeks ago
• Hagrid29 / CVE-2024-2432-PaloAlto-GlobalProtect-EoP
  ☆59Updated last year
• airbus-cert / minusone
  Powershell Linter
  ☆50Updated last week
• SafeBreach-Labs / CortexVortex
  ☆75Updated 11 months ago
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆72Updated 2 months ago
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆106Updated 6 months ago
• Karkas66 / CelestialSpark
  A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust
  ☆84Updated 11 months ago
• S3N4T0R-0X0 / APT28-Adversary-Simulation
  This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe
  ☆33Updated 9 months ago
• MythicAgents / Hannibal
  A Mythic Agent written in PIC C.
  ☆184Updated last month
• rad9800 / FileRenameJunctionsEDRDisable
  ☆150Updated 3 months ago