brosck / RebellionView external linksLinks
「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x
☆27Apr 10, 2025Updated 10 months ago
Alternatives and similar repositories for Rebellion
Users that are interested in Rebellion are comparing it to the libraries listed below
Sorting:
- 「🧊」Ring 3 Rootkit for Windows 10☆60Dec 7, 2024Updated last year
- 「⚠️」Performing a BYOVD on the truesight.sys driver☆44Dec 7, 2024Updated last year
- Thats it! An Open-Source Windows UEFI Rootkit☆28Jul 19, 2025Updated 6 months ago
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆38Mar 6, 2025Updated 11 months ago
- A high-fidelity x86_64 polymorphic mutation engine focused on instruction-level fragmentation and context preservation.☆109Jan 18, 2026Updated 3 weeks ago
- A bunch of shenanigans using functions, VEH and more☆37Jun 8, 2025Updated 8 months ago
- Tool to start a python http server in a simple way☆10Mar 30, 2022Updated 3 years ago
- Attacking the cleanup_module function of a kernel module☆56Jun 30, 2025Updated 7 months ago
- Pure Go rewrite of knockknock☆11Feb 7, 2023Updated 3 years ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆18Jun 26, 2025Updated 7 months ago
- 🛠️ Explore custom C2 TTPs with Aether-C2-Framework, focusing on lightweight Rust implants and stealthy transport stacks to reduce forens…☆18Updated this week
- This is a simple process injection made in C for Linux systems☆30Sep 23, 2023Updated 2 years ago
- Make an Linux Kernel rootkit visible again.☆59Feb 27, 2025Updated 11 months ago
- Wolfy AV Bypasser☆29Feb 8, 2023Updated 3 years ago
- Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies☆50Jul 6, 2025Updated 7 months ago
- Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs☆23Jul 11, 2025Updated 7 months ago
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel☆59Apr 13, 2025Updated 10 months ago
- A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.☆16Jul 15, 2025Updated 6 months ago
- DeadManSwitch in rust with several triggers (remote local and network)☆17Nov 19, 2025Updated 2 months ago
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆19Mar 6, 2025Updated 11 months ago
- 🛡️ Open-source binary protection toolkit for Windows PE. Nanomite, VM protection, anti-debug, and more.☆49Updated this week
- A Python script to authenticate and test access to Google Cloud Platform (GCP) resources.☆18Jan 31, 2024Updated 2 years ago
- A collections of methods to sleep on Windows using common and less-so-common techniques☆14Aug 16, 2024Updated last year
- ☆33Sep 10, 2025Updated 5 months ago
- AI Voice Cloning Desktop Application that runs locally on your computer and doesn't cost anything to run☆45Nov 26, 2025Updated 2 months ago
- 「💻」Simple kernel made in 16-bit assembly only☆18Dec 7, 2024Updated last year
- ☆26Aug 11, 2025Updated 6 months ago
- A COFF loader made in Rust☆327Aug 20, 2025Updated 5 months ago
- Wow64 Heaven's Gate Hook☆29Jul 28, 2021Updated 4 years ago
- A hacky way of getting cross-arch/platform support in Cobalt Strike☆37Aug 31, 2025Updated 5 months ago
- A synergized Visual Studio and Rust development environment☆19Jan 25, 2025Updated last year
- Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability☆24Feb 5, 2025Updated last year
- Rust Linux Kernel Module designed for LKM rootkit detection☆59Mar 12, 2025Updated 11 months ago
- Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT.☆129Dec 8, 2025Updated 2 months ago
- a dkom rootkit that targets windows x64 systems. the rootkit hooks and edits criticl memory sections in order to hide different resources…☆18Jul 5, 2023Updated 2 years ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆66Feb 11, 2025Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 6 months ago
- "Service-less" driver loading☆184Nov 28, 2024Updated last year
- BYOVD hunter to help prioritize windows drivers worth manual analysis☆74Aug 19, 2025Updated 5 months ago