Alternatives and similar repositories for Rootkits_Subverting_the_Windows_Kernel:

Users that are interested in Rootkits_Subverting_the_Windows_Kernel are comparing it to the libraries listed below

• uf0o / rootkit-arsenal-guacamole
  An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples
  ☆68Updated 2 years ago
• connormcgarr / Kernel-Escalation-of-Privileges-Payloads
  NT AUTHORITY\SYSTEM
  ☆38Updated 4 years ago
• compilepeace / SHELLCODING_INTEL_x86-64
  Repository contains shellcodes made from scratch for intel x86-64 bit Architecture
  ☆12Updated last year
• VergiliusProject / kernels-data
  Windows kernel PDB data parsed into YAML
  ☆34Updated 2 months ago
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆30Updated last year
• vineetgaurav / WIN_JELLY
  Windows GPU rootkit PoC by Team Jellyfish
  ☆35Updated 9 years ago
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆65Updated 3 years ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• realoriginal / blacklotus
  A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
  ☆86Updated last year
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆33Updated 3 years ago
• realoriginal / bootdoor
  An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
  ☆61Updated last year
• Coalfire-Research / ERC.Xdbg
  An Xdbg Plugin of the ERC Library.
  ☆26Updated 11 months ago
• loneicewolf / KernelMode-Code
  2022 Updated Kernelmode-Code
  ☆31Updated 9 months ago
• Cracked5pider / unguard-eat
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆26Updated 5 months ago
• DanielAvinoam / TheSubZeroProject
  A multi-staged malware that contains a kernel mode rootkit and a remote system shell.
  ☆71Updated 3 years ago
• rad9800 / VehApiResolve
  ☆105Updated 2 years ago
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆30Updated last year
• itm4n / CVEs
  Random CVEs
  ☆30Updated last year
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆95Updated last year
• rbmm / DirectSysCall
  ☆12Updated last year
• skykami / www.rootkit.com
  www.rootkit.com users section mirror, sql database dump, and a few other files/rootkits.
  ☆19Updated 8 years ago
• ch3rn0byl / Charon
  A UEFI extraction tool
  ☆15Updated 2 months ago
• 0xMegaByte / COM-Explained
  ☆27Updated 2 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• zodiacon / MalDevWorkshopWebinar
  Demo from the Malware Analysis and Development Webinar
  ☆19Updated 9 months ago
• therealdreg / Win.Cerdalux
  WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs
  ☆17Updated last year
• connormcgarr / An-Intro-2-Win-ED
  "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …
  ☆39Updated 4 years ago