TheMalwareGuardian / Awesome-Bootkits-Rootkits-Development
A curated compilation of extensive resources dedicated to bootkit and rootkit development.
☆56 Updated last month
Alternatives and similar repositories for Awesome-Bootkits-Rootkits-Development
Users that are interested in Awesome-Bootkits-Rootkits-Development are comparing it to the libraries listed below
- Windows Kernel Mode Rootkit ☆54 Updated last month
- UEFI Windows Bootkit ☆40 Updated 11 months ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac… ☆222 Updated 7 months ago
- Windows rootkit designed to work with BYOVD exploits ☆198 Updated 4 months ago
- Implementing the ghostly hollowing PE injection technique using tampered syscalls. ☆156 Updated 2 months ago
- Injecting DLL into LSASS at boot ☆113 Updated last month
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead… ☆118 Updated 2 weeks ago
- BSides Prishtina 2024 Malware Development and Persistence workshop ☆81 Updated last week
- Write-ups and proofs of concept of the design and implementation of various modern malware. ☆28 Updated 2 years ago
- ☆100 Updated 3 months ago
- Sleep obfuscation ☆224 Updated 5 months ago
- ☆36 Updated last year
- The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls ☆192 Updated last year
- A command and control framework. ☆51 Updated 5 months ago
- Kernel callback removal (Bypassing EDR Detections) ☆167 Updated 2 months ago
- ☆107 Updated 7 months ago
- This project is an implant framework designed for long term persistent access to Windows machines. ☆110 Updated last year
- The result of research and investigation of malware development tricks, techniques, evasion, cryptography and Linux malware ☆45 Updated 2 months ago
- A bunch of scripts and code I wrote. ☆141 Updated 7 months ago
- Another approach of Threadless injection discovered by @_EthicalChaos_ in C that loads a module into the target process and stomps it, an… ☆178 Updated last year
- ☆39 Updated last year
- NidhoggScript is a tool to generate a "script" file that allows execution of multiple commands for Nidhogg ☆46 Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. ☆89 Updated 11 months ago
- A PowerShell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f… ☆161 Updated last year
- This repository implements Threadless Injection in C ☆167 Updated last year
- This is a way to load shellcode and obfuscate it, so it avoids scan-time detection. ☆66 Updated last month
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0. ☆63 Updated last month
- A set of programs for analyzing common vulnerabilities in COM ☆215 Updated 9 months ago
- Activation Context Hijack ☆155 Updated 6 months ago
- ☆141 Updated 7 months ago