brosck / Rebellion
「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x
☆23 Updated last month
Alternatives and similar repositories for Rebellion:
Users that are interested in Rebellion are comparing it to the libraries listed below
- 「⚠️」Performing a BYOVD on the truesight.sys driver ☆34 Updated 5 months ago
- 「⚙️」Detect which native Windows APIs (NtAPI) are being hooked ☆38 Updated 5 months ago
- ☆55 Updated 6 months ago
- This is a simple process injection made in C for Linux systems ☆26 Updated last year
- Section-based payload obfuscation technique for x64 ☆59 Updated 9 months ago
- in-process powershell runner for BRC4 ☆45 Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#. ☆31 Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c… ☆24 Updated 7 months ago
- Docker container for running CobaltStrike 4.10 ☆37 Updated 7 months ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats. ☆47 Updated last year
- Make a Linux Kernel rootkit visible again. ☆51 Updated 2 months ago
- A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc. ☆35 Updated last year
- Attacking the cleanup_module function of a kernel module ☆32 Updated last month
- Tool to aid in dumping LSASS process remotely ☆38 Updated 9 months ago
- 「🧊」Ring 3 Rootkit for Windows 10 ☆57 Updated 5 months ago
- e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features! ☆24 Updated 8 months ago
- Beacon Object Files (BOF) for Cobalt Strike. ☆29 Updated 8 months ago
- PowerShell script to generate ShellCode in various formats ☆41 Updated 7 months ago
- ☆34 Updated last month
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆32 Updated last year
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i… ☆41 Updated 9 months ago
- Classic Process Injection with Memory Evasion Techniques implementation ☆69 Updated last year
- command control framework ☆21 Updated 3 weeks ago
- DFSCoerce exe revisited version with custom authentication ☆40 Updated last year
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc… ☆51 Updated 2 years ago
- Rewrite to fit my needs ☆27 Updated 9 months ago
- Cortex EDR Ransomware protection Bypass ☆21 Updated 3 months ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading. ☆59 Updated 2 months ago
- A pure C version of SymProcAddress ☆27 Updated last year
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be… ☆19 Updated last year