TheMalwareGuardian / Awesome-Bootkits-Rootkits-Development
A curated compilation of extensive resources dedicated to bootkit and rootkit development.
☆51Updated 3 weeks ago
Alternatives and similar repositories for Awesome-Bootkits-Rootkits-Development
Users that are interested in Awesome-Bootkits-Rootkits-Development are comparing it to the libraries listed below
Sorting:
- Windows Kernel Mode Rootkit☆53Updated 3 weeks ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆220Updated 6 months ago
- Windows rootkit designed to work with BYOVD exploits☆198Updated 4 months ago
- Implementing the ghostly hollowing PE injection technique using tampered syscalls.☆151Updated 2 months ago
- UEFI Windows Bootkit☆39Updated 10 months ago
- BSides Prishtina 2024 Malware Development and Persistence workshop☆81Updated this week
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…☆117Updated 2 weeks ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year
- RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging☆187Updated 2 months ago
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆109Updated 8 months ago
- Injecting DLL into LSASS at boot☆105Updated 2 weeks ago
- (0day) Local Privilege Escalation in IObit Malware Fighter☆138Updated last month
- ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.☆105Updated last month
- The result of research and investigation of malware development tricks, techniques, evasion, cryptography and linux malware☆43Updated last month
- The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls☆190Updated last year
- Sleep obfuscation☆222Updated 5 months ago
- Using the Counter Strike 1.6 RCON protocol as a C2 Channel.☆78Updated 2 months ago
- Collection of codes focused on Linux rootkits☆107Updated 2 months ago
- ☆141Updated 6 months ago
- Bypass Malware Sandbox Evasion Ram check☆137Updated 2 years ago
- Basic reverse shell in C using socket() with complete explanation☆65Updated last year
- Windows x64 kernel mode rootkit process hollowing POC.☆189Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆178Updated last year
- kernel callback removal (Bypassing EDR Detections)☆162Updated last month
- Write-ups and proof of concepts of design and implementaion of various modern malwares.☆28Updated 2 years ago
- early cascade injection PoC based on Outflanks blog post☆214Updated 6 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆161Updated 11 months ago
- ☆256Updated last year
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY☆189Updated last month
- A set of programs for analyzing common vulnerabilities in COM☆215Updated 8 months ago