brosck / Frosty
γπ§γRing 3 Rootkit for Windows 10
β57Updated 4 months ago
Alternatives and similar repositories for Frosty:
Users that are interested in Frosty are comparing it to the libraries listed below
- Attacking the cleanup_module function of a kernel moduleβ30Updated 2 weeks ago
- This is a simple process injection made in C for Linux systemsβ26Updated last year
- Splitting and executing shellcode across multiple pagesβ100Updated last year
- using the gpu to hide your payloadβ57Updated 2 years ago
- Create Anti-Copy DRM Malwareβ55Updated 8 months ago
- γβοΈγRing 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.xβ23Updated last week
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process holβ¦β69Updated last year
- Bypass the Event Trace Windows(ETW) and unhook ntdll.β102Updated last year
- Classic Process Injection with Memory Evasion Techniques implemantationβ69Updated last year
- Various methods of executing shellcodeβ70Updated 2 years ago
- Windows Kernel Offensive Toolsetβ119Updated 7 months ago
- NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing Rβ¦β58Updated last year
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhoggβ46Updated last year
- π‘οΈ A multi-user malleable C2 framework targeting Windows. Written in C++ and Pythonβ44Updated last year
- Bypass Malware Sandbox Evasion Ram checkβ137Updated 2 years ago
- Windows AppLocker Driver (appid.sys) LPEβ54Updated 8 months ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.htmlβ122Updated 2 years ago
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)β41Updated last year
- Implementing the ghostly hollowing PE injection technique using tampered syscalls.β144Updated last month
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, anβ¦β177Updated last year
- BYOVD Technique Example using viragt64 driverβ38Updated 8 months ago
- γβοΈγDetect which native Windows API's (NtAPI) are being hookedβ38Updated 4 months ago
- API Hammering with C++20β46Updated 2 years ago
- LKM rootkit for modern kernels, with DNS C2 and a simple web interfaceβ65Updated last week
- Indirect Syscall implementation to bypass userland NTAPIs hooking.β74Updated 8 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.β62Updated last year
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.β72Updated last year
- β82Updated last year
- Red Team Operation's Defense Evasion Technique.β53Updated 10 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.β90Updated 10 months ago