brosck / Frosty
Ring 3 Rootkit for Windows 10
(★59, updated 2 months ago)
Alternatives and similar repositories for Frosty:
Users that are interested in Frosty are comparing it to the libraries listed below
- Create Anti-Copy DRM Malware (★52, updated 6 months ago)
- Indirect Syscall implementation to bypass userland NTAPIs hooking. (★73, updated 6 months ago)
- Splitting and executing shellcode across multiple pages (★99, updated last year)
- Classic Process Injection with Memory Evasion Techniques implementation (★66, updated last year)
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress. (★72, updated 11 months ago)
- Red Team Operation's Defense Evasion Technique. (★51, updated 8 months ago)
- Implementing the ghostly hollowing PE injection technique using tampered syscalls. (★131, updated 8 months ago)
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. (★85, updated 8 months ago)
- A multi-user malleable C2 framework targeting Windows. Written in C++ and Python (★43, updated 11 months ago)
- Bypass the Event Trace Windows(ETW) and unhook ntdll. (★102, updated last year)
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol… (★68, updated last year)
- This is a simple process injection made in C for Linux systems (★26, updated last year)
- NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R… (★58, updated last year)
- Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library (★26, updated 2 years ago)
- API Hammering with C++20 (★45, updated 2 years ago)
- Template-based generation of shellcode loaders (★73, updated 10 months ago)
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles. (★62, updated last year)
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader. (★90, updated 11 months ago)
- Various methods of executing shellcode (★68, updated last year)
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an… (★176, updated last year)
- Section-based payload obfuscation technique for x64 (★59, updated 6 months ago)
- Detect which native Windows API's (NtAPI) are being hooked (★38, updated 2 months ago)
- A nice process dumping tool (★78, updated 2 years ago)
- abusing Process Hacker driver to terminate other processes (BYOVD) (★81, updated last year)
- (★36, updated 2 years ago)
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level. (★45, updated 11 months ago)
- This program is used to perform reflective DLL Injection to a remote process specified by the user. (★65, updated last year)
- Kernel Mode Driver for Elevating Process Privileges (★132, updated last year)
- Improved version of EKKO by @5pider that Encrypts only Image Sections (★118, updated 2 years ago)