Windows Kernel Rootkit
☆59 · Nov 24, 2025 · Updated 3 months ago
Alternatives and similar repositories for Benthic
Users that are interested in Benthic are comparing it to the libraries listed below
- Windows UEFI Bootkit ☆85 · Nov 24, 2025 · Updated 3 months ago
- Automated environment setup for Bootkit & Rootkit development. ☆36 · Aug 9, 2025 · Updated 6 months ago
- open source port/reimplementation of the Cobalt Strike BOF Loader as is ☆68 · Feb 3, 2026 · Updated last month
- Resolve offsets, gadgets and symbols from NTKernel ☆56 · Jan 15, 2026 · Updated last month
- This is similar to GdrvLoader but it works on EAC (& BE but same for GdrvLoader) with included gdrv.sys (cert) ☆33 · Dec 8, 2025 · Updated 2 months ago
- arm64 linux position-independent shellcode framework ☆30 · Dec 12, 2025 · Updated 2 months ago
- A curated compilation of extensive resources dedicated to bootkit and rootkit development. ☆186 · Aug 9, 2025 · Updated 6 months ago
- ☆19 · Sep 17, 2025 · Updated 5 months ago
- COM-based DLL Surrogate Injection ☆142 · Dec 9, 2025 · Updated 2 months ago
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack ☆99 · Dec 22, 2025 · Updated 2 months ago
- Calling the undocumented DPAPI RPC interface directly, no more calling public CryptUnprotectData! ☆75 · Feb 4, 2026 · Updated 3 weeks ago
- Library of BOFs to interact with SQL servers ☆23 · Apr 9, 2025 · Updated 10 months ago
- POC for CVE-2025-54918 and a technical demonstration. ☆53 · Jan 12, 2026 · Updated last month
- Windows driver template, using C++20 & cmake & GithubActions ☆25 · Aug 9, 2024 · Updated last year
- ☆49 · Nov 7, 2024 · Updated last year
- Beacon Object File (BOF) implementation of CVE-2024-35250. ☆24 · Nov 28, 2024 · Updated last year
- ☆17 · Nov 6, 2023 · Updated 2 years ago
- vehsyscall: a syscall project that may bypass EDR ☆62 · Mar 1, 2024 · Updated 2 years ago
- Minimalistic HTTP(S) client for the NT kernel ☆62 · Dec 1, 2025 · Updated 3 months ago
- Header-only compile-time variables obfuscation library for C++20 and later. Compiler Support: MSVC (+WDM), Clang, GCC. Architecture Suppo… ☆67 · Feb 22, 2026 · Updated last week
- Header-only C++ library for producing PE files. ☆36 · Jun 17, 2023 · Updated 2 years ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence ☆63 · Jun 23, 2025 · Updated 8 months ago
- AV/EDR killer using BYOVD technique ☆44 · Sep 27, 2024 · Updated last year
- Windows rootkit designed to work with BYOVD exploits ☆216 · Jan 18, 2025 · Updated last year
- The Best Antivirus and Total Protection for Mac! What's the Best Malware Protection? Malware, Spyware, and Adware Protection Antiviru… ☆10 · Aug 1, 2019 · Updated 6 years ago
- ☆31 · Oct 23, 2023 · Updated 2 years ago
- ☆35 · Nov 16, 2023 · Updated 2 years ago
- The vulnerability exists in the NtQueryInformationToken function, specifically in the handling of the AuthzBasepCopyoutInternalSecurityAttributes function. It stems from the kernel's improper management of the locking mechanism when operating on objects, a flaw that could allow a malicious entity to unexpectedly elevate privileges. ☆40 · Jul 5, 2024 · Updated last year
- ☆13 · Apr 9, 2020 · Updated 5 years ago
- PS4 Linux Payloads for Firmware 5.05 - 13.02 ☆28 · Feb 14, 2026 · Updated 2 weeks ago
- Out of boredom, I was thinking about how to bypass the security on Claude3, which probably has the best protection "against harmful conte… ☆10 · Apr 5, 2024 · Updated last year
- TLS Examples in Schannel and IO Completion Ports ☆10 · Jun 21, 2022 · Updated 3 years ago
- Remote DLL Injection with Timer-based Shellcode Execution ☆154 · Jul 18, 2025 · Updated 7 months ago
- Just tried, unusable ☆51 · Oct 23, 2024 · Updated last year
- An example reference design for a proposed BOF PE ☆200 · Jan 23, 2026 · Updated last month
- Bypassing Amsi using LdrLoadDll ☆47 · Jan 8, 2025 · Updated last year
- Script debugger for Grand Theft Auto V. ☆20 · Dec 20, 2025 · Updated 2 months ago
- My old external dayz source with auto update base offsets ☆14 · Jul 28, 2023 · Updated 2 years ago
- Harvests project metadata from YAML or JSON files in GitHub repositories. ☆13 · Apr 30, 2019 · Updated 6 years ago