alal4465/Win_Rootkit external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

alal4465/Win_Rootkit

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/alal4465/Win_Rootkit)

Close

alal4465 / Win_RootkitView on GitHubMore

• External links
• Readme badge

A kernel-mode rootkit with remote control

☆224Nov 13, 2020Updated 5 years ago

Alternatives and similar repositories for Win_Rootkit

Users that are interested in Win_Rootkit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• D4stiny / spectre

  View on GitHub
  A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.
  ☆723Aug 5, 2020Updated 5 years ago
• crvvdev / MasterHide

  View on GitHub
  A x64 Windows Rootkit using SSDT or Hypervisor hook
  ☆567Jan 4, 2025Updated last year
• iammaguire / Salient-Rootkit

  View on GitHub
  A kernel mode Windows rootkit in development.
  ☆47Dec 31, 2021Updated 4 years ago
• amitschendel / venom-rootkit

  View on GitHub
  A simple Windows kernel rootkit.
  ☆92May 13, 2025Updated last year
• ciyze0101 / Windows-Rootkits

  View on GitHub
  ☆514Nov 21, 2020Updated 5 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• x-super-rat / x-rat

  View on GitHub
  ☆10Aug 16, 2019Updated 6 years ago
• kouzhudong / libdrv

  View on GitHub
  Static Library For Windows Drivers
  ☆41Dec 13, 2025Updated 6 months ago
• cs1ime / DICHook

  View on GitHub
  Hook NtDeviceIoControlFile with PatchGuard
  ☆106May 10, 2022Updated 4 years ago
• XaFF-XaFF / Cronos-Rootkit

  View on GitHub
  Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
  ☆941Mar 29, 2022Updated 4 years ago
• repnz / autochk-rootkit

  View on GitHub
  Reverse engineered source code of the autochk rootkit
  ☆212Nov 1, 2019Updated 6 years ago
• zouxianyu / KernelHiddenExecute

  View on GitHub
  Hide codes/data in the kernel address space.
  ☆187May 8, 2021Updated 5 years ago
• br-sn / CheekyBlinder

  View on GitHub
  Enumerating and removing kernel callbacks using signed vulnerable drivers
  ☆593Jan 24, 2023Updated 3 years ago
• iPower / KasperskyHook

  View on GitHub
  Hook system calls on Windows by using Kaspersky's hypervisor
  ☆1,295Apr 2, 2026Updated 2 months ago
• bytecode77 / r77-rootkit

  View on GitHub
  Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
  ☆2,153May 25, 2026Updated 2 weeks ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• SDXT / MMInject

  View on GitHub
  Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL
  ☆221Nov 12, 2020Updated 5 years ago
• alexvogt91 / NetDriver

  View on GitHub
  kernel-mode TDI client which can send and receive HTTP requests
  ☆56Jun 9, 2018Updated 8 years ago
• Trietptm-on-Coding-Algorithms / ZeroBank-ring0-bundle

  View on GitHub
  Kernel-Mode rootkit that connects to a remote server to send & recv commands
  ☆32Sep 2, 2018Updated 7 years ago
• VeroFess / X64SystemCall

  View on GitHub
  All Nt Syscall and W32k Syscall in one asm, include, and call it!
  ☆58Nov 4, 2021Updated 4 years ago
• omerk2511 / NotifyRoutinesResearch

  View on GitHub
  A research project about Windows notify routines.
  ☆38Jul 31, 2020Updated 5 years ago
• SHA-MRIZ / FsMinfilterHooking

  View on GitHub
  ☆33Dec 22, 2020Updated 5 years ago
• zodiacon / PoolMonXv2

  View on GitHub
  Kernel Pool Monitor
  ☆128Mar 6, 2022Updated 4 years ago
• 0xcpu / ExecutiveCallbackObjects

  View on GitHub
  Research on Windows Kernel Executive Callback Objects
  ☆317Feb 22, 2020Updated 6 years ago
• can1357 / ByePg

  View on GitHub
  Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.
  ☆909Nov 21, 2019Updated 6 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• zhuhuibeishadiao / PatchGuardResearch

  View on GitHub
  win10 pgContext dynamic dump (btc version)
  ☆115Jan 15, 2020Updated 6 years ago
• anzelesnik / SyscallHook

  View on GitHub
  System call hook for Windows 10 20H1
  ☆495Jun 26, 2021Updated 4 years ago
• JKornev / hidden

  View on GitHub
  🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc
  ☆2,029Jul 13, 2022Updated 3 years ago
• JustasMasiulis / inline_syscall

  View on GitHub
  Inline syscalls made easy for windows on clang
  ☆736Jun 21, 2024Updated last year
• armasm / EasyAntiPatchGuard

  View on GitHub
  Easy Anti PatchGuard
  ☆221Apr 9, 2021Updated 5 years ago
• moccajoghurt / MemWars

  View on GitHub
  ☆45Oct 7, 2018Updated 7 years ago
• ivkin25 / Process-Hollowing

  View on GitHub
  An implementation of the Process Hollowing technique.
  ☆16Dec 13, 2020Updated 5 years ago
• amiryeshurun / HyperWin

  View on GitHub
  A native hypervisor designed for the Windows operating system
  ☆125Mar 6, 2021Updated 5 years ago
• auth12 / sysmap

  View on GitHub
  x64 manual mapper using inline syscalls
  ☆10Jul 8, 2021Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• gabriellandau / CISpotter

  View on GitHub
  Code Integrity Violation Spotter
  ☆17Jun 11, 2024Updated 2 years ago
• XShar / Super_Hide_String

  View on GitHub
  Скрытие строки от отладчиков и декомпиляторов
  ☆50Oct 16, 2019Updated 6 years ago
• fIappy / infhook19041

  View on GitHub
  ☆123May 23, 2020Updated 6 years ago
• redplait / pexphide

  View on GitHub
  PoC for hiding PE exports
  ☆67Dec 19, 2020Updated 5 years ago
• Vicshann / GInjer

  View on GitHub
  Global DLL injector
  ☆70May 16, 2021Updated 5 years ago
• 0xfei / wincode

  View on GitHub
  过去写的一些Windows安全研究相关代码
  ☆134Feb 2, 2019Updated 7 years ago
• FaEryICE / MemScanner

  View on GitHub
  Analyze Windows x64 Kernel Memory Layout
  ☆131Nov 19, 2020Updated 5 years ago