brosck / Frosty
「🧊」Ring 3 Rootkit for Windows 10
☆58 Updated 6 months ago
Alternatives and similar repositories for Frosty
Users that are interested in Frosty are comparing it to the libraries listed below
- 「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x ☆24 Updated last month
- This is a simple process injection made in C for Linux systems ☆26 Updated last year
- Splitting and executing shellcode across multiple pages ☆103 Updated last year
- Classic Process Injection with Memory Evasion Techniques implementation ☆70 Updated last year
- Create Anti-Copy DRM Malware ☆57 Updated 9 months ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol… ☆70 Updated last year
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆45 Updated last year
- abusing Process Hacker driver to terminate other processes (BYOVD) ☆82 Updated 2 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles. ☆64 Updated 2 years ago
- Bypass Malware Sandbox Evasion Ram check ☆137 Updated 2 years ago
- 「⚙️」Detect which native Windows APIs (NtAPI) are being hooked ☆38 Updated 6 months ago
- Rex Shellcode Loader for AV/EDR evasion ☆31 Updated last year
- Red Team Operation's Defense Evasion Technique. ☆52 Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking. ☆73 Updated 9 months ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress. ☆72 Updated last year
- Attacking the cleanup_module function of a kernel module ☆36 Updated 2 months ago
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an… ☆178 Updated last year
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level. ☆47 Updated last year
- Windows AppLocker Driver (appid.sys) LPE ☆60 Updated 10 months ago
- 「⚠️」Performing a BYOVD on the truesight.sys driver ☆35 Updated 6 months ago
- Bypass the Event Trace Windows (ETW) and unhook ntdll. ☆103 Updated last year
- API Hammering with C++20 ☆46 Updated 2 years ago
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831) ☆41 Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. ☆89 Updated 11 months ago
- Windows Kernel Offensive Toolset ☆124 Updated 8 months ago
- BYOVD Technique Example using viragt64 driver ☆40 Updated 10 months ago
- kernel-mode DLL Injector ☆82 Updated last month
- ☆36 Updated 2 years ago
- A collection of methods to sleep on Windows using common and less-so-common techniques ☆14 Updated 9 months ago
- Various methods of executing shellcode ☆70 Updated 2 years ago