RITRedteam / goofkit
In line function hooking LKM rootkit
☆51Updated 5 years ago
Alternatives and similar repositories for goofkit:
Users that are interested in goofkit are comparing it to the libraries listed below
- Ebfuscator: Abusing system errors for binary obfuscation��☆52Updated 4 years ago
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆69Updated 2 years ago
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆97Updated 4 years ago
- ☆48Updated 4 years ago
- Reflective SO injection is a library injection technique in which the concept of reflective programming is employed to perform the loadin…☆117Updated 8 years ago
- Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.☆48Updated 4 years ago
- Proxy system calls over an RPC channel☆98Updated 3 years ago
- ☆47Updated 2 years ago
- Process reimaging proof of concept code☆96Updated 5 years ago
- Matryoshka - stacked LKM loader☆50Updated last year
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆39Updated 4 years ago
- Simple 32/64-bit PEs loader.☆137Updated 6 years ago
- Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster☆29Updated 5 years ago
- A simple tool to view important DLL Characteristics and change DEP and ASLR☆44Updated 6 years ago
- A collection of shellcode hashes☆17Updated 6 years ago
- TrashDBG the world's worse debugger☆23Updated 3 years ago
- Sysmon shenanigans☆65Updated 4 years ago
- ☆22Updated 4 years ago
- Go Lang Portable Executable Parser☆39Updated 4 years ago
- Local OXID Resolver (LCLOR) : Research and Tooling☆34Updated 3 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104Updated 4 years ago
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated 2 years ago
- Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.☆74Updated 3 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- Flare-On solutions☆36Updated 5 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆70Updated last year
- A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…☆43Updated 3 years ago
- POC viruses I have created to demo some ideas☆59Updated 4 years ago
- Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.☆65Updated 3 years ago
- Helper idapython code for reversing kmdf drivers☆72Updated 2 years ago