TheMalwareGuardian / Bentico
Windows Kernel Mode Rootkit
☆10Updated 8 months ago
Related projects ⓘ
Alternatives and complementary repositories for Bentico
- ☆22Updated last year
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆16Updated last year
- automates exploits using ROP chains, using ntdll-scraper☆16Updated 2 years ago
- ☆12Updated 2 years ago
- ☆21Updated 6 months ago
- Manually perform syscalls without going through any external API or DLL.☆17Updated last year
- UEFI bootkit: Hardware Implant. In-Progress☆11Updated 2 years ago
- PoC for the Untrusted Pointer Dereference in the appid.sys driver☆13Updated 6 months ago
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆24Updated 5 months ago
- Listing UDP connections with remote address without sniffing.☆30Updated last year
- UEFI Windows Bootkit☆25Updated 4 months ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆29Updated 3 years ago
- Proof-of-concept game using VBS enclaves to protect itself from cheating☆19Updated last week
- combine the power of procmon and dbgview into one single application☆7Updated 9 months ago
- ☆17Updated 3 years ago
- Extracted lua script from Defender mpavbase.vdm and mpasbase.vdm☆12Updated 4 months ago
- ☆27Updated 4 months ago
- ☆27Updated last year
- A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.☆28Updated 2 years ago
- Yet another Windows DLL injector.☆38Updated 3 years ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆19Updated 2 years ago
- Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example☆16Updated 2 years ago
- Lightweight Threat Detection System - (Base)☆14Updated 7 months ago
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆42Updated last year
- A native Windows library for intercepting kernel-to-user transitions using instrumentation callbacks☆16Updated 9 months ago
- ☆22Updated last year
- A Practical example of ELAM (Early Launch Anti-Malware)☆31Updated 3 years ago
- 💻 Windows 10 Kernel-mode rootkit☆31Updated 2 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- research revolving the windows filtering platform callout mechanism☆22Updated 5 months ago