adamhlt / Basic-Rootkit

Related projects ⓘ

Alternatives and complementary repositories for Basic-Rootkit

• NYAN-x-CAT / SharpShell
  Injecting shellcode into a process memory and executing it in C#
  ☆50Updated 2 years ago
• zer0condition / ZeroThreadKernel
  Recursive and arbitrary code execution at kernel-level without a system thread creation
  ☆154Updated last year
• 0mWindyBug / GhostMapperUM
  manual map unsigned driver over signed memory
  ☆183Updated 7 months ago
• 66flags / inline-syscall
  A simple direct syscall wrapper written in C++ with compatibility for x86 and x64 programs.
  ☆42Updated last year
• Intrus1ve / Runpe-ProcessHollowing
  Fud Runpe Av Evasion / All Av Bypass
  ☆31Updated last year
• amitschendel / venom-rootkit
  A simple Windows kernel rootkit.
  ☆88Updated last year
• ZeroMemoryEx / URootkit
  user-mode Rootkit
  ☆98Updated 2 years ago
• adamhlt / Process-Hollowing
  Process Hollowing in C++ (x86 / x64) - Process PE image replacement
  ☆127Updated last year
• SaulBerrenson / WinApiObfuscator
  Header only library for obfuscation import winapi functions.
  ☆32Updated 3 years ago
• TheAenema / hm-pe-packer
  A x64 PE Packer/Protector Developed in C++ and VisualStudio
  ☆50Updated last year
• estimated1337 / lenovo_exec
  CVE-2022-3699 with arbitrary kernel code execution capability
  ☆70Updated last year
• veil-ivy / kapc_injector
  kernel to user mode APC injector
  ☆43Updated 2 years ago
• byte2mov / codecave-hook
  codecave hook reverse engineering toolkit.
  ☆32Updated 11 months ago
• Oliver-1-1 / GhostMapper
  ☆225Updated 2 months ago
• Flerov / TS-Changer
  TS-Changer - Forces the machine in/out of TestSigning Mode at runtime.
  ☆64Updated last year
• XaFF-XaFF / MBR-Overwrite-with-custom-message
  Overwrite MBR and add own custom message
  ☆13Updated 4 years ago
• void-stack / Hypervisor-Detection
  Detects virtual machines and malware analysis environments
  ☆115Updated 2 years ago
• Hemogl0bin / drvscanner
  Scan for potentially vulnerable drivers
  ☆80Updated 2 years ago
• XaFF-XaFF / Shellcodev
  Shellcodev is a tool designed to help and automate the process of shellcode creation.
  ☆101Updated last year
• samshine / ScyllaHideDetector2
  Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.
  ☆24Updated 5 years ago
• SamuelTulach / PwnedBoot
  Using Windows' own bootloader as a shim to bypass Secure Boot
  ☆144Updated 4 months ago
• XaFF-XaFF / ZwProcessHollowing
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆78Updated last year
• kkent030315 / anymapper
  x64 Windows kernel driver mapper, inject unsigned driver using anycall
  ☆115Updated 9 months ago
• Sherman0236 / XorData
  A C++17 framework designed to enable obfuscation of constants, variables, and strings.
  ☆26Updated last year
• exploitblizzard / UAC-Bypass
  Bypassing windows uac, however its an old approach/method but its still unpatched ¯\_(ツ)_/¯
  ☆42Updated 3 years ago
• ZwCreateFile / FuckDse
  Bring Your Own Vulnerable Driver for PatchGuard & Driver Signature Enforcement
  ☆12Updated 7 months ago
• SaadAhla / BlockOpenHandle
  Block any Process to open HANDLE to your process , only SYTEM is allowed to open handle to your process ,with that you can avoid remote m…
  ☆165Updated last year
• 1hAck-0 / zeroimport
  ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…
  ☆46Updated last year
• GetRektBoy724 / DCMB
  Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!
  ☆224Updated 4 months ago