Alternatives and similar repositories for Awesome-Bootkits-Rootkits-Development:

Users that are interested in Awesome-Bootkits-Rootkits-Development are comparing it to the libraries listed below

• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆131Updated 8 months ago
• eversinc33 / unKover
  PoC Anti-Rootkit/Anti-Cheat Driver.
  ☆179Updated 4 months ago
• TheMalwareGuardian / Abismo
  UEFI Windows Bootkit
  ☆26Updated 7 months ago
• alfarom256 / HPHardwareDiagnostics-PoC
  PoC exploit for HP Hardware Diagnostic's EtdSupp driver
  ☆50Updated last year
• Tserith / Parasite
  Compact MBR Bootkit for Windows
  ☆44Updated 3 years ago
• jdu2600 / EtwTi-FluctuationMonitor
  Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections
  ☆111Updated last year
• paskalian / RetSpoofer
  Spoof the return address of any function call.
  ☆7Updated 6 months ago
• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆42Updated 10 months ago
• ldpreload / werkernel
  Windows LPE Nday
  ☆24Updated 9 months ago
• SaadAhla / BlockOpenHandle
  Block any Process to open HANDLE to your process , only SYTEM is allowed to open handle to your process ,with that you can avoid remote m…
  ☆168Updated last year
• x64dbg / lz4
  ☆12Updated last month
• 4l3x777 / dse_pg_bypass
  DSE & PG bypass via BYOVD attack
  ☆41Updated 9 months ago
• xsh3llsh0ck / MilkBox
  Tool to dump EFI runtime drivers.
  ☆35Updated 11 months ago
• mrexodia / lolbin-poc
  Small PoC of using a Microsoft signed executable as a lolbin.
  ☆133Updated last year
• xsh3llsh0ck / ResilienceKit
  Another UEFI runtime bootkit
  ☆28Updated last year
• hid3rx / GhostWriting
  ☆22Updated last year
• idkhidden / WinApiPatcher
  WinApi Patcher is a straightforward tool leveraging windows API hooking to patch and modify certain behaviors in a targeted environment.
  ☆41Updated 4 months ago
• dmaivel / covirt
  An x86-64 code virtualizer for VM based obfuscation
  ☆104Updated last month
• 0xHossam / KernelCallbackTable-Injection-PoC
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆203Updated 3 months ago
• Allevon412 / ReflectiveDLLInjector
  This program is used to perform reflective DLL Injection to a remote process specified by the user.
  ☆64Updated last year
• lleon1435 / Kernel_VADInjector
  Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver
  ☆52Updated last year
• 66flags / inline-syscall
  A simple direct syscall wrapper written in C++ with compatibility for x86 and x64 programs.
  ☆43Updated last year
• realoriginal / grimreaper
  A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls
  ☆105Updated 4 months ago
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆88Updated 2 years ago
• zer0condition / Demystifying-PatchGuard
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆114Updated last year
• ommadawn46 / HEVD-Exploit-Win10-22H2-KVAS
  HEVD Exploit: ArbitraryWrite on Windows 10 22H2 - Bypassing KVA Shadow and SMEP via PML4 Entry Manipulation
  ☆22Updated 6 months ago
• ngn13 / shrk
  LKM rootkit for modern kernels, with DNS C2 and a simple web interface
  ☆63Updated last week
• maziland / StackBombing
  Next gen process injection technique
  ☆44Updated 4 years ago
• jdu2600 / CFG-FindHiddenShellcode
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆109Updated last year