Alternatives and similar repositories for detect-lkm-rootkit-cheatsheet:

Users that are interested in detect-lkm-rootkit-cheatsheet are comparing it to the libraries listed below

• hasherezade / flareon2024
  ☆36Updated 4 months ago
• 20urc3 / Aplos
  Aplos an extremely simple fuzzer for Windows binaries.
  ☆68Updated 2 months ago
• LambdaMamba / LenaMalwareAnalysis
  Lena's scripts/code/resources for malware analysis
  ☆26Updated 10 months ago
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆98Updated last year
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆109Updated 7 months ago
• OtterHacker / Hooker
  ☆104Updated 5 months ago
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆73Updated 3 months ago
• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆15Updated 3 months ago
• MatheuZSecurity / Rootkit
  Collection of codes focused on Linux rootkits
  ☆105Updated last month
• wetw0rk / wetw0rk.github.io
  ☆18Updated last month
• lasq88 / MalwareAnalysis
  Malware Analysis tools
  ☆26Updated 7 months ago
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆78Updated 7 months ago
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆50Updated last month
• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆36Updated last month
• airbus-cert / minusone
  Powershell Linter
  ☆50Updated 2 weeks ago
• RussianPanda95 / IDAPython
  IDA Python scripts
  ☆34Updated last week
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆164Updated 10 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆53Updated 2 months ago
• volexity / GoResolver
  GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…
  ☆40Updated 2 weeks ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆102Updated 3 weeks ago
• yo-yo-yo-jbo / injection_and_hooking_intro
  ☆38Updated 2 years ago
• ArtemBaranov / WindowsRootkitsGuide
  ☆66Updated 2 months ago
• rad9800 / FileRenameJunctionsEDRDisable
  ☆154Updated 4 months ago
• nopcorn / DuckDuckC2
  A proof-of-concept C2 channel through DuckDuckGo's image proxy service
  ☆74Updated last year
• sec-consult / msiscan
  Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
  ☆117Updated 7 months ago
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆50Updated 4 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• MazX0p / CobaltSentry
  ☆23Updated 2 months ago
• eric-conrad / c2-talk
  ☆37Updated last year
• FuzzySecurity / BHUSA-2023
  ☆105Updated 9 months ago