brosck / Frosty
Ring 3 Rootkit for Windows 10
★ 59 · Updated 3 months ago
Alternatives and similar repositories for Frosty:
Users that are interested in Frosty are comparing it to the libraries listed below
- This is a simple process injection made in C for Linux systems ★ 26 · Updated last year
- Splitting and executing shellcode across multiple pages ★ 100 · Updated last year
- Create Anti-Copy DRM Malware ★ 54 · Updated 7 months ago
- Classic Process Injection with Memory Evasion Techniques implementation ★ 68 · Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol… ★ 68 · Updated last year
- Red Team Operation's Defense Evasion Technique. ★ 52 · Updated 9 months ago
- NativePayload_PE1/PE2, Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R… ★ 58 · Updated last year
- Various methods of executing shellcode ★ 69 · Updated 2 years ago
- Another approach of Threadless injection discovered by @_EthicalChaos_ in C that loads a module into the target process and stomps it, an… ★ 177 · Updated last year
- A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ★ 44 · Updated last year
- Implementing the ghostly hollowing PE injection technique using tampered syscalls. ★ 141 · Updated 2 weeks ago
- Identify and exploit leaked handles for local privilege escalation. ★ 106 · Updated last year
- Bypass Malware Sandbox Evasion RAM check ★ 137 · Updated 2 years ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader. ★ 106 · Updated last year
- A PoC of stack encryption prior to custom sleeping by leveraging CPU cycles. ★ 62 · Updated last year
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress. ★ 72 · Updated last year
- Bypass Event Tracing for Windows (ETW) and unhook ntdll. ★ 102 · Updated last year
- API Hammering with C++20 ★ 45 · Updated 2 years ago
- Windows Kernel Offensive Toolset ★ 119 · Updated 6 months ago
- Indirect Syscall implementation to bypass userland NTAPI hooking. ★ 73 · Updated 7 months ago
- Plantronics Desktop Hub LPE ★ 37 · Updated 10 months ago
- BYOVD Technique Example using viragt64 driver ★ 34 · Updated 8 months ago
- Detect which native Windows APIs (NtAPI) are being hooked ★ 38 · Updated 3 months ago
- A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries. ★ 109 · Updated last year
- Simple PoC to locate functions hooked by EDR in ntdll.dll ★ 36 · Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. ★ 90 · Updated 9 months ago
- Small project looking into how we can build malware with zero imports by dynamically resolving Windows APIs using GetProcAddress and GetM… ★ 38 · Updated last year
- ★ 121 · Updated last year
- Using the GPU to hide your payload ★ 56 · Updated 2 years ago
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level. ★ 46 · Updated last year