A kernel rootkit with remote command and control interface for Windows
☆109 · Jan 22, 2018 · Updated 8 years ago
Alternatives and similar repositories for zwhawk
Users that are interested in zwhawk are comparing it to the libraries listed below
- lowlevel cyber course - riscv & i8086 competition ☆11 · Jan 12, 2019 · Updated 7 years ago
- Exploit Exercises for Security Researchers (arm, x86...) ☆13 · May 10, 2019 · Updated 6 years ago
- Modify data structures in the Windows kernel, hiding processes by PID ☆16 · Oct 29, 2017 · Updated 8 years ago
- 💻 Windows 10 Kernel-mode rootkit ☆32 · Sep 3, 2022 · Updated 3 years ago
- Remove API hooks from a Beacon process. ☆14 · Sep 18, 2021 · Updated 4 years ago
- Simple remote administration tool. Written in C++ and MASM. ☆18 · May 16, 2018 · Updated 7 years ago
- ☆508 · Nov 21, 2020 · Updated 5 years ago
- A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine. ☆722 · Aug 5, 2020 · Updated 5 years ago
- Reflective DLL Injection style process infector ☆20 · Jul 23, 2018 · Updated 7 years ago
- A kernel-mode rootkit with remote control ☆222 · Nov 13, 2020 · Updated 5 years ago
- Protects deletion of files with a specified extension using a kernel-mode driver. ☆76 · Jul 16, 2018 · Updated 7 years ago
- GreenKit is a userland rootkit hiding its own files and mining bitcoins on compromised computers. Do /NOT/ download or use this rootkit … ☆47 · Jan 19, 2018 · Updated 8 years ago
- Kinject - kernel dll injector, currently available in x86 version, will be updated to x64 soon. ☆32 · Apr 10, 2015 · Updated 10 years ago
- Windows Malware ☆39 · Apr 17, 2013 · Updated 12 years ago
- A TCP-Client connected Keylogger in C# ☆12 · Mar 14, 2017 · Updated 8 years ago
- This is a demo project to illustrate the way to verify and restore original SST in case of some malware hooks ☆33 · Mar 2, 2017 · Updated 8 years ago
- An x64 Windows Rootkit using SSDT or Hypervisor hook ☆561 · Jan 4, 2025 · Updated last year
- Gozi-MBR-rootkit Bootkit Modified ☆69 · Oct 25, 2016 · Updated 9 years ago
- Educational repository for learning about rootkits and Windows Kernel Hooks. ☆49 · Mar 21, 2015 · Updated 10 years ago
- Kernel mode driver loader, injecting into the Windows kernel, Rootkit. Driver injections. ☆48 · Nov 9, 2014 · Updated 11 years ago
- Shellcode to load an appended Dll ☆91 · Oct 28, 2020 · Updated 5 years ago
- Iris is an adjudicational Trojan & a full-on userland RAT, targeting Windows machines, made for research purposes and as a resource kit f… ☆30 · Dec 14, 2018 · Updated 7 years ago
- Kernel rootkit that lives inside the Windows registry values data ☆504 · Oct 8, 2017 · Updated 8 years ago
- Access Windows machine remotely on HTTP ☆12 · Oct 28, 2020 · Updated 5 years ago
- Windows inject ☆16 · Jun 7, 2018 · Updated 7 years ago
- Kindly Win x86/x64 DLL Injector ☆15 · Aug 17, 2019 · Updated 6 years ago
- Windows anti-rootkit library ☆37 · Mar 15, 2015 · Updated 10 years ago
- simple PE packer written in C++ ☆56 · Feb 23, 2018 · Updated 8 years ago
- A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager ☆695 · Mar 26, 2019 · Updated 6 years ago
- RAT - HTTP based. Undetectable! ☆52 · Dec 13, 2019 · Updated 6 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process. ☆78 · Aug 12, 2015 · Updated 10 years ago
- Example Loader to be used as a learning resource for people interested in how commercially available malware is made on a very basic leve… ☆70 · May 9, 2019 · Updated 6 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader. ☆31 · Nov 9, 2021 · Updated 4 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology. ☆10 · Oct 26, 2025 · Updated 4 months ago
- Microsoft's July patch adds a delayed memory free mechanism ☆11 · Jul 19, 2014 · Updated 11 years ago
- Maintain Windows Persistence with an evil Netshell Helper DLL ☆12 · Jul 28, 2018 · Updated 7 years ago
- ☆11 · Apr 23, 2019 · Updated 6 years ago
- source code for the examples and topics from the book ☆10 · Mar 11, 2019 · Updated 6 years ago
- Proof of Concept of the steganographic algorithms implemented by APT 29 (Hammertoss) ☆10 · Nov 26, 2018 · Updated 7 years ago