adamhlt/Basic-Rootkit external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

adamhlt/Basic-Rootkit

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/adamhlt/Basic-Rootkit)

Close

adamhlt / Basic-RootkitView on GitHubMore

• External links
• Readme badge

POC Ring3 Windows Rootkit (x86 / x64) - Hide processes and files

☆64Aug 1, 2023Updated 2 years ago

Alternatives and similar repositories for Basic-Rootkit

Users that are interested in Basic-Rootkit are comparing it to the libraries listed below

• adamhlt / IAT-Hooking

  View on GitHub
  IAT Hooking POC (x86 / x64) - Hook functions through the IAT
  ☆36Jul 29, 2024Updated last year
• adamhlt / ASLR-Disabler

  View on GitHub
  ASLR Disabler (x86 / x64) - Little utility for disabling the ASLR on PE files
  ☆16Aug 1, 2023Updated 2 years ago
• a7t0fwa7 / Pandora-Hvnc-Hidden-Browser-Real-Vnc-Working-Chromium-Edge-Opera-Gx

  View on GitHub
  Hidden Features Full Hidden Access Hidden Desktop Hidden Browsers Hidden Cmd Clone Profile Hidden PowerShell Hidden Explorer Hidde…
  ☆20Sep 30, 2022Updated 3 years ago
• adamhlt / Process-Hollowing

  View on GitHub
  Process Hollowing in C++ (x86 / x64) - Process PE image replacement
  ☆180Aug 1, 2023Updated 2 years ago
• adamhlt / Easy-Mid-Hook

  View on GitHub
  Mid Hook Template (x64) - Easy way to mid function hooking in x64
  ☆34Aug 1, 2023Updated 2 years ago
• adamhlt / Manual-DLL-Loader

  View on GitHub
  Custom LoadLibrary / GetProcAddress (x86 / x64) - Load DLL and retrieve functions manually
  ☆96Aug 4, 2023Updated 2 years ago
• adamhlt / Cave-Finder

  View on GitHub
  Tool to find code cave in PE image (x86 / x64) - Find empty space to place code in PE files
  ☆72Aug 1, 2023Updated 2 years ago
• adamhlt / Cube-World-Reversing

  View on GitHub
  Cube World Reversing & Cheat (x64) - Include IDA file and unpacked game
  ☆13Aug 1, 2023Updated 2 years ago
• adamhlt / D3D9-Overlay-ImGui

  View on GitHub
  D3D9 Overlay with ImGui (x86 / x64) - EXE / DLL DirectX 9 Overlay
  ☆32Aug 21, 2023Updated 2 years ago
• coldpon / ring3-hidden

  View on GitHub
  Hide processes, files, services in Windows ring3
  ☆33Jun 4, 2024Updated last year
• opcode86 / SysCaller

  View on GitHub
  Single header library to simplify the usage of direct syscalls. x64/x86
  ☆14Feb 26, 2023Updated 3 years ago
• guidedhacking / GH_Syscall

  View on GitHub
  Small class to help perform syscalls.
  ☆21May 15, 2025Updated 10 months ago
• 0x44F / WinKit

  View on GitHub
  💻 Windows 10 Kernel-mode rootkit
  ☆32Sep 3, 2022Updated 3 years ago
• S3cur3Th1sSh1t / MailSniper

  View on GitHub
  MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…
  ☆19Jan 28, 2022Updated 4 years ago
• adamhlt / DLL-Injector

  View on GitHub
  DLL Injector (LoadLibrary) in C++ (x86 / x64) - LoadLibrary DLL injector
  ☆188Aug 1, 2023Updated 2 years ago
• amitschendel / venom-rootkit

  View on GitHub
  A simple Windows kernel rootkit.
  ☆96May 13, 2025Updated 10 months ago
• mar753 / ws2_32_proxy_dll

  View on GitHub
  ☆13Jun 14, 2023Updated 2 years ago
• blogresponder / Realtek-rtkio64-Windows-driver-privilege-escalation

  View on GitHub
  A PoC of a privilege escalation vulnerability in the Realtek rtkio64 Windows driver.
  ☆20Jul 6, 2020Updated 5 years ago
• mrx325 / hVNC-Recoded

  View on GitHub
  Original hVNC has been recoded to work with all version of windows above XP. Thanks to the original author for this wonderful tool.
  ☆10Oct 13, 2021Updated 4 years ago
• XaFF-XaFF / Cronos-Rootkit

  View on GitHub
  Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
  ☆940Mar 29, 2022Updated 3 years ago
• bytecode77 / r77-rootkit

  View on GitHub
  Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
  ☆2,109Feb 19, 2026Updated last month
• adamhlt / ImGui-Standalone

  View on GitHub
  D3D11 ImGui External (x86 / x64) - EXE / DLL ImGui External Menu
  ☆283Aug 18, 2023Updated 2 years ago
• 0xneox / QNAP-QTS-RCE

  View on GitHub
  A python RCE exploit on QNAP-QTS
  ☆15Sep 15, 2020Updated 5 years ago
• Da2dalus / Virus_Maker-by-Black_Host

  View on GitHub
  Virus Maker by Black Host
  ☆15Apr 10, 2020Updated 5 years ago
• MandConsultingGroup / ring3-kit

  View on GitHub
  Hides Process From Task Manager Using NT API Hooking (NtQuerySystemInformation)
  ☆81Dec 28, 2022Updated 3 years ago
• NukeDev / Goolia-Rat

  View on GitHub
  gRPC Based Remote Administration Tool
  ☆20Jun 23, 2023Updated 2 years ago
• Arachnidd / rolimons-trade-ad

  View on GitHub
  Free rolimons trade ad bot. This is smarter and WAY better than any other bot.
  ☆19Apr 13, 2025Updated 11 months ago
• ItsBrank / SignatureMaker

  View on GitHub
  Automatically generate signatures from an address, or compare your own array of bytes.
  ☆12Dec 10, 2025Updated 3 months ago
• JkMaFlLi / xorInject

  View on GitHub
  ☆21Nov 6, 2024Updated last year
• adamhlt / D3D11-Overlay-ImGui

  View on GitHub
  D3D11 Overlay with ImGui (x86 / x64) - EXE / DLL DirectX 11 Overlay
  ☆130Aug 21, 2023Updated 2 years ago
• whitephone / Windows-Rootkits

  View on GitHub
  ☆26Sep 17, 2017Updated 8 years ago
• NYAN-x-CAT / OSEP-Code-Snippets

  View on GitHub
  A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
  ☆10Aug 2, 2021Updated 4 years ago
• C5Hackr / Phantom

  View on GitHub
  ☆131Updated this week
• eversinc33 / Banshee

  View on GitHub
  Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
  ☆593Aug 2, 2025Updated 7 months ago
• Nitr0-G / DriverLoader

  View on GitHub
  it's a driver injector or driver loader header lib(Windows)
  ☆12Aug 5, 2023Updated 2 years ago
• Mantraufo / Kanoninjector

  View on GitHub
  Runpe + DInvoke + Syscall
  ☆16Jun 18, 2021Updated 4 years ago
• benheise / TitanLdr

  View on GitHub
  Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH
  ☆70Sep 6, 2021Updated 4 years ago
• XaFF-XaFF / Black-Angel-Rootkit

  View on GitHub
  Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
  ☆680Nov 9, 2023Updated 2 years ago
• Glatrix / ClrHosting

  View on GitHub
  Clr Injection for x64 and x86. Inject C# into Managed or Unmanaged Processes.
  ☆18Sep 7, 2024Updated last year