Rootkit for the blue team. Sophisticated and optimized LKM to detect and prevent malicious activity
☆35Apr 26, 2024Updated 2 years ago
Alternatives and similar repositories for GoodKit
Users that are interested in GoodKit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year
- AI-based implant feature☆25Apr 28, 2025Updated last year
- UFSIT scripts and tools for hardening and auditing☆14May 28, 2025Updated last year
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆38Mar 6, 2025Updated last year
- Top hashpwn rules☆20Dec 12, 2025Updated 5 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- GhostWriting Injection Technique.☆201Mar 26, 2018Updated 8 years ago
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆20Mar 6, 2025Updated last year
- A collection of commands, tools, techniques and procedures of the purplestorm ctf team.☆14Mar 20, 2025Updated last year
- Indirect syscalls + DInvoke made simple.☆97Dec 24, 2024Updated last year
- kubernetes rootkit☆35Dec 18, 2023Updated 2 years ago
- ☆103Jan 21, 2025Updated last year
- Sample Rust Hooking Engine☆34Apr 5, 2024Updated 2 years ago
- StealthGuardian is a middleware layer that can be combined with adversary simulation tools to verify the resistance, detection level and…☆20Aug 7, 2024Updated last year
- A different approach to writing BOFs in rust.☆21Aug 20, 2025Updated 9 months ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- A COFF Loader written in Rust☆141Dec 1, 2025Updated 6 months ago
- A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.☆36Nov 16, 2023Updated 2 years ago
- early cascade injection PoC based on Outflanks blog post, in rust☆63Nov 8, 2024Updated last year
- Heap encryption in Nim☆21Aug 25, 2024Updated last year
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆62Mar 17, 2025Updated last year
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆165Oct 31, 2024Updated last year
- Simple reverse ICMP shell☆14Apr 30, 2024Updated 2 years ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆138Aug 10, 2024Updated last year
- Sleep obfuscation for shellcode implants and their reflective shit☆55Sep 19, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- Mythic C2 wrapper for NimSyscallPacker☆26Mar 12, 2025Updated last year
- Collection of red team techniques.☆70Apr 25, 2025Updated last year
- A nim implementation of sRDI☆20Oct 18, 2023Updated 2 years ago
- Bring your own Unwind Data Framework☆145Mar 15, 2026Updated 2 months ago
- Remote Thread Detection with a Kernel Driver☆35Jan 14, 2025Updated last year
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆470Aug 2, 2024Updated last year
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 3 years ago
- Tools for analyzing EDR agents☆278Jun 10, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆44Apr 6, 2025Updated last year
- Automated .NET AppDomain hijack payload generation☆129Feb 4, 2025Updated last year
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution☆51Apr 22, 2024Updated 2 years ago
- A tool to assist DLL hijacking via the Havoc GUI☆14Jan 9, 2024Updated 2 years ago
- winPEAS, but for Active Directory☆176Apr 1, 2025Updated last year
- ☆52Mar 30, 2026Updated 2 months ago
- Simulate the behavior of AV/EDR for malware development training.☆566Feb 15, 2024Updated 2 years ago