TheMalwareGuardian / Awesome-Bootkits-Rootkits-Development
A curated compilation of extensive resources dedicated to bootkit and rootkit development.
☆41, updated last month
Alternatives and similar repositories for Awesome-Bootkits-Rootkits-Development:
- Windows Kernel Mode Rootkit (☆52, updated this week)
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac… (☆212, updated 5 months ago)
- Windows rootkit designed to work with BYOVD exploits (☆183, updated 3 months ago)
- ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code. (☆92, updated last week)
- Implementing the ghostly hollowing PE injection technique using tampered syscalls. (☆144, updated last month)
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region. (☆283, updated 10 months ago)
- Another approach of Threadless injection discovered by @_EthicalChaos_ in C that loads a module into the target process and stomps it, an… (☆177, updated last year)
- LKM rootkit for modern kernels, with DNS C2 and a simple web interface (☆65, updated 2 weeks ago)
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR … (☆250, updated 8 months ago)
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress. (☆72, updated last year)
- Sleep obfuscation (☆216, updated 4 months ago)
- This project is an implant framework designed for long term persistent access to Windows machines. (☆110, updated last year)
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead… (☆117, updated 3 months ago)
- Shellcode encryptor using a substitution cipher with a randomly generated key. (☆126, updated 3 months ago)
- BSides Prishtina 2024 Malware Development and Persistence workshop (☆68, updated this week)
- UEFI Windows Bootkit (☆33, updated 10 months ago)
- A command and control framework. (☆50, updated 3 months ago)
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python (☆44, updated last year)
- (0day) Local Privilege Escalation in IObit Malware Fighter (☆126, updated 3 weeks ago)
- The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls (☆185, updated last year)
- kernel callback removal (Bypassing EDR Detections) (☆161, updated last month)
- A PowerShell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f… (☆160, updated 10 months ago)
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks. (☆185, updated last year)
- Using the Counter Strike 1.6 RCON protocol as a C2 Channel. (☆78, updated 2 months ago)
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC. (☆92, updated this week)
- "Service-less" driver loading (☆151, updated 4 months ago)
- Bypass Malware Sandbox Evasion RAM check (☆137, updated 2 years ago)
- RunAs Utility Credential Stealer implementing 3 techniques: Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging (☆183, updated last month)
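Several entries above describe payload "encryptors"; the one listed as a shellcode encryptor using a substitution cipher with a randomly generated key is simple enough to show in full. The block below is an added example written for this page, not that project's source: it generates a random byte permutation (the key) with a Fisher-Yates shuffle, encodes and decodes a buffer through it, and then checks the property a defender should know about. The PRNG, its seed, the `sbox_*` names and the sample bytes are all this example's own assumptions.

```c
/*
 * Added example (not code from any repository listed on this page):
 * a byte-level substitution cipher with a randomly generated key,
 * the construction the "shellcode encryptor" entry describes.
 */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdlib.h>
#include <stdio.h>

typedef struct {
    uint8_t fwd[256];   /* plaintext byte  -> ciphertext byte */
    uint8_t inv[256];   /* ciphertext byte -> plaintext byte */
} sbox_key;

/* xorshift64* keeps the example deterministic and portable. A real tool
 * would seed from getrandom()/BCryptGenRandom; the seed here is assumed. */
static uint64_t xs_state = 1;

static uint64_t xs_next(void)
{
    uint64_t x = xs_state;
    x ^= x >> 12; x ^= x << 25; x ^= x >> 27;
    xs_state = x;
    return x * 0x2545F4914F6CDD1DULL;
}

/* Build a random permutation of 0..255 (Fisher-Yates) and its inverse.
 * The modulo introduces a tiny bias; irrelevant for obfuscation. */
void sbox_keygen(sbox_key *k, uint64_t seed)
{
    xs_state = seed ? seed : 1;          /* xorshift must not start at 0 */
    for (int i = 0; i < 256; i++) k->fwd[i] = (uint8_t)i;
    for (int i = 255; i > 0; i--) {
        int j = (int)(xs_next() % (uint64_t)(i + 1));
        uint8_t t = k->fwd[i]; k->fwd[i] = k->fwd[j]; k->fwd[j] = t;
    }
    for (int i = 0; i < 256; i++) k->inv[k->fwd[i]] = (uint8_t)i;
}

/* fwd must be a bijection and inv its exact inverse, or decode is lossy. */
int sbox_key_valid(const sbox_key *k)
{
    int seen[256] = {0};
    for (int i = 0; i < 256; i++) {
        if (seen[k->fwd[i]]++) return 0;       /* duplicate output byte */
        if (k->inv[k->fwd[i]] != i) return 0;  /* inverse table broken */
    }
    return 1;
}

void sbox_encode(const sbox_key *k, const uint8_t *in, uint8_t *out, size_t n)
{
    for (size_t i = 0; i < n; i++) out[i] = k->fwd[in[i]];
}

void sbox_decode(const sbox_key *k, const uint8_t *in, uint8_t *out, size_t n)
{
    for (size_t i = 0; i < n; i++) out[i] = k->inv[in[i]];
}

static int cmp_size(const void *x, const void *y)
{
    size_t a = *(const size_t *)x, b = *(const size_t *)y;
    return (a > b) - (a < b);
}

/* The caveat: substitution only relabels bytes, so the sorted byte histogram
 * (and therefore the Shannon entropy) of the ciphertext equals that of the
 * plaintext. Returns 1 when both buffers share the same frequency profile. */
int same_frequency_profile(const uint8_t *a, const uint8_t *b, size_t n)
{
    size_t ha[256] = {0}, hb[256] = {0};
    for (size_t i = 0; i < n; i++) { ha[a[i]]++; hb[b[i]]++; }
    qsort(ha, 256, sizeof ha[0], cmp_size);
    qsort(hb, 256, sizeof hb[0], cmp_size);
    return memcmp(ha, hb, sizeof ha) == 0;
}

/* Round-trip check over a constructed sample buffer; returns 1 on success. */
int sbox_selftest(uint64_t seed)
{
    /* constructed sample bytes standing in for a payload; repeated values
     * make the preserved frequency profile visible */
    static const uint8_t p[] = {0x90,0x90,0x90,0x90,0xc3,0x00,0x00,0x41,0x41,0x41};
    uint8_t e[sizeof p], d[sizeof p];
    sbox_key k;
    sbox_keygen(&k, seed);
    if (!sbox_key_valid(&k)) return 0;
    sbox_encode(&k, p, e, sizeof p);
    sbox_decode(&k, e, d, sizeof p);
    if (memcmp(p, d, sizeof p) != 0) return 0;
    return same_frequency_profile(p, e, sizeof p);
}

int main(void)
{
    printf("selftest(seed=0x1234): %s\n", sbox_selftest(0x1234ULL) ? "ok" : "FAIL");
    return 0;
}
```

Because the 256-byte key has to travel with the payload and the cipher preserves the byte-frequency profile, this buys evasion of static byte signatures only; entropy-based and frequency-based detectors see the encoded blob exactly as they would see the original, and a YARA rule can match the decode loop rather than the payload.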