Rootkit for the blue team. Sophisticated and optimized LKM to detect and prevent malicious activity
☆34Apr 26, 2024Updated last year
Alternatives and similar repositories for GoodKit
Users that are interested in GoodKit are comparing it to the libraries listed below
Sorting:
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆38Mar 6, 2025Updated 11 months ago
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year
- AI-based implant feature☆25Apr 28, 2025Updated 9 months ago
- Top hashpwn rules☆21Dec 12, 2025Updated 2 months ago
- StealthGuardian is a middleware layer that can be combined with adversary simulation tools to verify the resistance, detection level and…☆20Aug 7, 2024Updated last year
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration☆65Updated this week
- A collection of commands, tools, techniques and procedures of the purplestorm ctf team.☆14Mar 20, 2025Updated 11 months ago
- UFSIT scripts and tools for hardening and auditing☆14May 28, 2025Updated 9 months ago
- A different approach to writing BOFs in rust.☆19Aug 20, 2025Updated 6 months ago
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆19Mar 6, 2025Updated 11 months ago
- GhostWriting Injection Technique.☆195Mar 26, 2018Updated 7 years ago
- A COFF Loader written in Rust☆136Dec 1, 2025Updated 2 months ago
- ☆86Jan 21, 2025Updated last year
- Sample Rust Hooking Engine☆36Apr 5, 2024Updated last year
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 8 months ago
- kubernetes rootkit☆34Dec 18, 2023Updated 2 years ago
- Heap encryption in Nim☆20Aug 25, 2024Updated last year
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Mar 17, 2025Updated 11 months ago
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆161Oct 31, 2024Updated last year
- A nim implementation of sRDI☆20Oct 18, 2023Updated 2 years ago
- Collection of red team techniques.☆66Apr 25, 2025Updated 10 months ago
- A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.☆36Nov 16, 2023Updated 2 years ago
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated 11 months ago
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack☆99Dec 22, 2025Updated 2 months ago
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆137Aug 10, 2024Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- Reflective DLL self-loading as a library☆21May 3, 2025Updated 9 months ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 2 years ago
- BSides Prishtina 2024 Malware Development and Persistence workshop☆127Jan 1, 2026Updated last month
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- winPEAS, but for Active Directory☆173Apr 1, 2025Updated 10 months ago
- I will be uploading all the codes which I created with the help either opensource projects or blogs. This is a step by step EDR learning …☆287Aug 1, 2025Updated 6 months ago
- Attacking indiscriminately every header, cookie, GET and POST parameter with blind fury.☆13Sep 25, 2025Updated 5 months ago
- 🛠️ Explore custom C2 TTPs with Aether-C2-Framework, focusing on lightweight Rust implants and stealthy transport stacks to reduce forens…☆18Updated this week
- Simple reverse ICMP shell☆14Apr 30, 2024Updated last year
- MacroPhantom automates the process of generating XOR+Caesar encrypted shellcode and embedding it into VBA macros for Microsoft Office doc…☆18Mar 20, 2025Updated 11 months ago