Alternatives and similar repositories for Awesome-Bootkits-Rootkits-Development

Users that are interested in Awesome-Bootkits-Rootkits-Development are comparing it to the libraries listed below

• TheMalwareGuardian / Bentico
  Windows Kernel Mode Rootkit
  ☆55Updated 2 months ago
• TheMalwareGuardian / Abismo
  UEFI Windows Bootkit
  ☆41Updated last year
• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆133Updated 3 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆84Updated last month
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆200Updated 5 months ago
• 0xHossam / KernelCallbackTable-Injection-PoC
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆226Updated 7 months ago
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆164Updated 3 months ago
• ZeroMemoryEx / CVE-2025-26125
  (0day) Local Privilege Escalation in IObit Malware Fighter
  ☆141Updated 2 months ago
• V-i-x-x / kernel-callback-removal
  kernel callback removal (Bypassing EDR Detections)
  ☆177Updated 3 months ago
• cocomelonc / mdmz_book
  The result of research and investigation of malware development tricks, techniques, evasion, cryptography and linux malware
  ☆47Updated 3 months ago
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆123Updated last month
• MatheuZSecurity / Rootkit
  Collection of codes focused on Linux rootkits
  ☆131Updated 2 weeks ago
• oomar400 / Malware-Development
  Write-ups and proof of concepts of design and implementaion of various modern malwares.
  ☆28Updated 2 years ago
• MatheuZSecurity / ElfDoor-gcc
  ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.
  ☆113Updated 2 months ago
• OtterHacker / Hooker
  ☆107Updated 8 months ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆228Updated 6 months ago
• CarlosG13 / Process-Hypnosis-Debugger-assisted-control-flow-hijack
  ☆36Updated last year
• 0xPrimo / KMDllInjector
  kernel-mode DLL Injector
  ☆86Updated 2 months ago
• MrAle98 / CVE-2025-21333-POC
  POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY
  ☆193Updated 2 months ago
• JanielDary / ImmoralFiber
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆265Updated 9 months ago
• Maldev-Academy / Christmas
  ☆258Updated last year
• lsecqt / BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero
  ☆35Updated last year
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆189Updated last year
• lsecqt / ThreadlessInject-C-Implementation
  This repository implements Threadless Injection in C
  ☆168Updated last year
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆251Updated last year
• Offensive-Panda / DefenseEvasionTechniques
  This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…
  ☆119Updated last month
• ZeroMemoryEx / Bypass-Sandbox-Evasion
  Bypass Malware Sandbox Evasion Ram check
  ☆137Updated 2 years ago
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆112Updated 9 months ago
• Cracked5pider / earlycascade-injection
  early cascade injection PoC based on Outflanks blog post
  ☆219Updated 7 months ago
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆285Updated last year