brosck / Frosty
Ring 3 Rootkit for Windows 10
☆57 · Updated 6 months ago
Alternatives and similar repositories for Frosty
Users that are interested in Frosty are comparing it to the libraries listed below
- Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x ☆25 · Updated 2 months ago
- This is a simple process injection made in C for Linux systems ☆26 · Updated last year
- Create Anti-Copy DRM Malware ☆58 · Updated 10 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. ☆90 · Updated last year
- Bypass the Event Trace Windows (ETW) and unhook ntdll. ☆103 · Updated last year
- Small project looking into how we can build malware with zero-imports by dynamically resolving windows APIs using GetProcAddress and GetM… ☆39 · Updated last year
- Attacking the cleanup_module function of a kernel module ☆36 · Updated 2 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles. ☆64 · Updated 2 years ago
- Red Team Operation's Defense Evasion Technique. ☆53 · Updated last year
- Bypass Malware Sandbox Evasion Ram check ☆137 · Updated 2 years ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking. ☆73 · Updated 10 months ago
- kernel-mode DLL Injector ☆85 · Updated 2 months ago
- Splitting and executing shellcode across multiple pages ☆103 · Updated 2 years ago
- Rex Shellcode Loader for AV/EDR evasion ☆31 · Updated last year
- ApexLdr is a DLL Payload Loader written in C ☆111 · Updated 11 months ago
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an… ☆180 · Updated last year
- LKM rootkit for modern kernels, with DNS C2 and a simple web interface ☆69 · Updated 2 months ago
- I have documented all of the AMSI patches that I learned till now ☆73 · Updated 3 months ago
- Section-based payload obfuscation technique for x64 ☆61 · Updated 10 months ago
- ☆125 · Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol… ☆70 · Updated last year
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe ☆54 · Updated last year
- Classic Process Injection with Memory Evasion Techniques implementation ☆70 · Updated last year
- ☆86 · Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines. ☆110 · Updated last year
- Windows C++ Implant for Exploration C2 ☆31 · Updated 3 weeks ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress. ☆72 · Updated last year
- API Hammering with C++20 ☆46 · Updated 2 years ago
- Windows AppLocker Driver (appid.sys) LPE ☆62 · Updated 10 months ago
- Detect which native Windows API's (NtAPI) are being hooked ☆38 · Updated 6 months ago