Automated environment setup for Bootkit & Rootkit development.
☆38Aug 9, 2025Updated 7 months ago
Alternatives and similar repositories for Bootkits-Rootkits-Development-Environment
Users that are interested in Bootkits-Rootkits-Development-Environment are comparing it to the libraries listed below
Sorting:
- Windows UEFI Bootkit☆89Nov 24, 2025Updated 3 months ago
- A curated compilation of extensive resources dedicated to bootkit and rootkit development.☆197Aug 9, 2025Updated 7 months ago
- Windows Kernel Rootkit☆63Nov 24, 2025Updated 3 months ago
- PowerShell tool that shows how to read and write NTLM OWF values via samlib.dll.☆72Oct 22, 2025Updated 5 months ago
- Repository to gather the .NET malware I will be developing☆18Mar 7, 2026Updated 2 weeks ago
- Vectored Exception Handling Squared☆31Dec 27, 2025Updated 2 months ago
- Using c++23 compile-time magic to produce obfuscated PIC strings and arrays.☆31Jun 5, 2024Updated last year
- Repository to gather the BOF files I will be developing☆11Oct 1, 2024Updated last year
- ☆10Sep 3, 2021Updated 4 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- ☆38Oct 16, 2025Updated 5 months ago
- An advanced singular header-only C++20 obfuscation library with encryption and polymorphism.☆83Mar 14, 2026Updated last week
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- ☆17Jul 16, 2024Updated last year
- ☆14Sep 22, 2023Updated 2 years ago
- ☆37Jun 27, 2020Updated 5 years ago
- ☆18Mar 28, 2023Updated 2 years ago
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆43May 22, 2024Updated last year
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆45Sep 25, 2024Updated last year
- [ARCHIVED] Early work on Benthic (Windows Kernel Rootkit).☆59Aug 15, 2025Updated 7 months ago
- Tool to dump EFI runtime drivers.☆39Feb 23, 2024Updated 2 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆16Sep 4, 2020Updated 5 years ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆55Dec 30, 2025Updated 2 months ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- A python metamorphic engine for PE/PE+ files.☆15Jan 1, 2023Updated 3 years ago
- Auditing Hooks for https://github.com/jborean93/PSDetour☆13Apr 29, 2025Updated 10 months ago
- ☆18Dec 1, 2024Updated last year
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- Shellcode injection using the Windows Debugging API☆171Jan 4, 2026Updated 2 months ago
- A IDA plugin to enable linking to locations in an IDB with a disas:// URI☆34Oct 18, 2023Updated 2 years ago
- [ARCHIVED] Early work on Abyss (Windows UEFI Bootkit).☆42Aug 15, 2025Updated 7 months ago
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆47Jan 28, 2026Updated last month
- TypeScript/JavaScript client libraries for Sliver☆25Mar 15, 2026Updated last week
- BypassCredGuard CS BOF☆51Jan 23, 2025Updated last year
- ☆12Jun 30, 2019Updated 6 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- ☆16May 22, 2014Updated 11 years ago
- ☆26Nov 8, 2024Updated last year
- .lib file for linking against the NT CRT☆19Mar 18, 2022Updated 4 years ago