Automated environment setup for Bootkit & Rootkit development.
☆36Aug 9, 2025Updated 6 months ago
Alternatives and similar repositories for Bootkits-Rootkits-Development-Environment
Users that are interested in Bootkits-Rootkits-Development-Environment are comparing it to the libraries listed below
Sorting:
- A curated compilation of extensive resources dedicated to bootkit and rootkit development.☆185Aug 9, 2025Updated 6 months ago
- Windows Kernel Rootkit☆59Nov 24, 2025Updated 3 months ago
- Windows UEFI Bootkit☆84Nov 24, 2025Updated 3 months ago
- Repository to gather the .NET malware I will be developing☆18Mar 23, 2025Updated 11 months ago
- Using c++23 compile-time magic to produce obfuscated PIC strings and arrays.☆31Jun 5, 2024Updated last year
- An advanced singular header-only C++20 obfuscation library with encryption and polymorphism.☆68Updated this week
- ☆17Jul 16, 2024Updated last year
- ☆14Sep 22, 2023Updated 2 years ago
- [ARCHIVED] Early work on Benthic (Windows Kernel Rootkit).☆58Aug 15, 2025Updated 6 months ago
- Repository to gather the BOF files I will be developing☆11Oct 1, 2024Updated last year
- Auditing Hooks for https://github.com/jborean93/PSDetour☆13Apr 29, 2025Updated 10 months ago
- ☆12Jun 30, 2019Updated 6 years ago
- PowerShell tool that shows how to read and write NTLM OWF values via samlib.dll.☆72Oct 22, 2025Updated 4 months ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- ☆38Oct 16, 2025Updated 4 months ago
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆16Sep 4, 2020Updated 5 years ago
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆21Jan 28, 2024Updated 2 years ago
- ☆18Mar 28, 2023Updated 2 years ago
- Tool to dump EFI runtime drivers.☆39Feb 23, 2024Updated 2 years ago
- Shellcode injection using the Windows Debugging API☆171Jan 4, 2026Updated last month
- Async rust support for the reverse-engineered Crowdstrike Falcon protocol between the Sensor and cloud services☆17Mar 10, 2023Updated 2 years ago
- Vectored Exception Handling Squared☆29Dec 27, 2025Updated 2 months ago
- ☆16May 22, 2014Updated 11 years ago
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆43May 22, 2024Updated last year
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆45Sep 25, 2024Updated last year
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆54Dec 30, 2025Updated 2 months ago
- .lib file for linking against the NT CRT☆19Mar 18, 2022Updated 3 years ago
- LSTAR - CobaltStrike Translated to EN☆22Jun 15, 2023Updated 2 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- ☆73Feb 12, 2026Updated 2 weeks ago
- ☆118Aug 7, 2022Updated 3 years ago
- ☆53Mar 26, 2025Updated 11 months ago
- ☆26Nov 8, 2024Updated last year
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- ☆25Dec 3, 2024Updated last year
- modified mssqlclient from impacket to extract policies from the SCCM database☆44Updated this week