☆514Nov 21, 2020Updated 5 years ago
Alternatives and similar repositories for Windows-Rootkits
Users that are interested in Windows-Rootkits are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Kernel rootkit, that lives inside the Windows registry values data☆507Oct 8, 2017Updated 8 years ago
- This is the list of all rootkits found so far on github and other sites.☆1,449Aug 29, 2025Updated 9 months ago
- 🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc☆2,024Jul 13, 2022Updated 3 years ago
- A kernel-mode rootkit with remote control☆224Nov 13, 2020Updated 5 years ago
- Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.☆941Mar 29, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆143Nov 24, 2025Updated 6 months ago
- Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.☆2,149May 25, 2026Updated 2 weeks ago
- Kernel mode driver loader, injecting into the windows kernel, Rootkit. Driver injections.☆46Nov 9, 2014Updated 11 years ago
- GreenKit is an userland rootkit hiding its own files and mining bitcoins on compromised computers. Do /NOT/ download or use this rootkit …☆47Jan 19, 2018Updated 8 years ago
- windows kernel security development☆2,064Sep 6, 2022Updated 3 years ago
- ☆24Feb 21, 2016Updated 10 years ago
- A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.☆723Aug 5, 2020Updated 5 years ago
- Gozi-MBR-rootkit Bootkit Modified☆70Oct 25, 2016Updated 9 years ago
- Hook system calls on Windows by using Kaspersky's hypervisor☆1,295Apr 2, 2026Updated 2 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager☆700Mar 26, 2019Updated 7 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Aug 12, 2015Updated 10 years ago
- Reverse engineered source code of the autochk rootkit☆212Nov 1, 2019Updated 6 years ago
- createfile☆48Oct 27, 2015Updated 10 years ago
- it's a simple LKM rootkit.☆12Aug 2, 2016Updated 9 years ago
- x64 usermode rootkit☆211Apr 11, 2018Updated 8 years ago
- linux rootkit☆162Feb 12, 2018Updated 8 years ago
- Educational repository for learning about rootkits and Windows Kernel Hooks.☆47Mar 21, 2015Updated 11 years ago
- just a basic rootkit for learning how to playing sys_call_table☆16Sep 12, 2016Updated 9 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆407Mar 1, 2017Updated 9 years ago
- 内�核级ARK工具。☆60Aug 1, 2016Updated 9 years ago
- A kernel rootkit with remote command and control interface for windows☆108Jan 22, 2018Updated 8 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆827Mar 10, 2022Updated 4 years ago
- A simple rootkit to hide a process☆48Jan 10, 2014Updated 12 years ago
- Hide codes/data in the kernel address space.☆187May 8, 2021Updated 5 years ago
- ☆828Dec 28, 2019Updated 6 years ago
- pseudo-code to show how to disable patchguard with win10☆296Jan 13, 2018Updated 8 years ago
- Hidden kernel mode code execution for bypassing modern anti-rootkits.☆84Dec 23, 2010Updated 15 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A kernel mode Windows rootkit in development.☆47Dec 31, 2021Updated 4 years ago
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M…☆244Jul 26, 2020Updated 5 years ago
- A small bootkit which does not rely on x64 assembly.☆526Aug 29, 2019Updated 6 years ago
- Protects deletion of files with a specified extension using a kernel-mode driver.☆76Jul 16, 2018Updated 7 years ago
- proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC☆1,288May 1, 2024Updated 2 years ago
- windows LPC library☆44Jun 7, 2013Updated 13 years ago
- Turn off PatchGuard in real time for win7 (7600) ~ later☆1,042Apr 21, 2022Updated 4 years ago