TheMalwareGuardian / BenticoLinks
Early work on Benthic Windows Kernel Rootkit
☆55Updated last month
Alternatives and similar repositories for Bentico
Users that are interested in Bentico are comparing it to the libraries listed below
Sorting:
- A curated compilation of extensive resources dedicated to bootkit and rootkit development.☆107Updated last month
- ☆161Updated 6 months ago
- Windows rootkit designed to work with BYOVD exploits☆206Updated 8 months ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆232Updated 10 months ago
- Windows x64 kernel mode rootkit process hollowing POC.☆189Updated 2 years ago
- BSides Prishtina 2024 Malware Development and Persistence workshop☆98Updated 3 months ago
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…☆131Updated 4 months ago
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆179Updated 2 years ago
- (0day) Local Privilege Escalation in IObit Malware Fighter☆154Updated 5 months ago
- Early Work on Abyss Windows UEFI Bootkit☆43Updated last month
- Injecting DLL into LSASS at boot☆138Updated 4 months ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆352Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆354Updated 7 months ago
- Slides & Code snippets for a workshop held @ x33fcon 2024☆268Updated last year
- The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls☆210Updated last year
- kernel callback removal (Bypassing EDR Detections)☆190Updated 6 months ago
- ☆265Updated 2 years ago
- A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering t…☆99Updated 9 months ago
- Remote Shellcode Injector☆219Updated 2 years ago
- simple user-mode Rootkit☆106Updated 2 years ago
- Using the Counter Strike 1.6 RCON protocol as a C2 Channel.☆85Updated 7 months ago
- C# AV/EDR Killer using less-known driver (BYOVD)☆180Updated last year
- Admin to Kernel code execution using the KSecDD driver☆257Updated last year
- This GitHub repository contains benign specimens; however, the techniques demonstrated herein could potentially be exploited for maliciou…☆17Updated last year
- Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process☆270Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated 2 years ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆144Updated last year
- ☆260Updated last year
- Sleep obfuscation☆238Updated 9 months ago
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆114Updated last year