Rhydon1337 / linux-kernel-shadow-sshLinks
Hiding SSH public keys in SSH server using a kernel agent
☆23Updated 4 years ago
Alternatives and similar repositories for linux-kernel-shadow-ssh
Users that are interested in linux-kernel-shadow-ssh are comparing it to the libraries listed below
Sorting:
- Setup for windows kernel development (development, debugging automation and compiling)☆17Updated 4 years ago
- Linux kernel filesystem filter driver☆22Updated 4 years ago
- Force kill a process using windows kernel driver☆25Updated 4 years ago
- Enumrate all pci devices inside all pci buses☆17Updated 4 years ago
- a windows kernel keylogger that works☆20Updated last year
- Force a file delete using a windows kernel driver☆70Updated 3 years ago
- Protect a process from code injection, termination and hooking☆49Updated 4 years ago
- Minimal patch guard for linux kernel☆30Updated 4 years ago
- Protect a file from being deleted using windows kernel file system minifilter driver☆40Updated 4 years ago
- silence file system monitoring components by hooking their minifilters☆59Updated last year
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Updated 3 years ago
- A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.☆31Updated 3 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated 2 years ago
- Bypassing kernel patch protection runtime☆20Updated 2 years ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆15Updated 3 years ago
- ☆38Updated 2 years ago
- Load Dll into Kernel space☆38Updated 3 years ago
- Experiment to use sections as User/Kernelmode comm vector☆22Updated 2 years ago
- Record & prevent file deletion in kernel mode☆44Updated 5 years ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆23Updated 3 years ago
- Rootkit & Anti-rootkit☆41Updated last year
- x64 Windows privilege elevation using anycall☆22Updated 4 years ago
- Elevate arbitrary MSR writes to kernel execution.☆38Updated 2 years ago
- Injects position-dependent code into a code cave in an executable file, and applies relocations.☆23Updated 2 years ago
- filter driver to hide files and directories☆22Updated last year
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post☆70Updated last year
- A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data☆28Updated last year
- Hijack NotifyRoutine for a kernelmode thread☆42Updated 3 years ago
- Taking advantage of CRT initialization, to get away with hooking protected applications☆47Updated 2 years ago
- Yet another Windows DLL injector.☆39Updated 3 years ago