h3xduck / Umbra
An LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
☆120 · Updated 3 years ago
Alternatives and similar repositories for Umbra:
Users interested in Umbra are comparing it to the repositories listed below.
- LD_PRELOAD rootkit (☆127 · Updated 10 months ago)
- A local LKM rootkit loader/dropper that lists available security mechanisms (☆52 · Updated 3 years ago)
- (unnamed repository) (☆67 · Updated last year)
- A simple PoC to invoke an encrypted shellcode by using a hidden call (☆116 · Updated 2 years ago)
- Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis. (☆81 · Updated 3 years ago)
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat… (☆88 · Updated last year)
- A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go. (☆35 · Updated last year)
- BPFDoor source code. Originally found from Chinese threat actor Red Menshen (☆43 · Updated 2 years ago)
- (unnamed repository) (☆112 · Updated 2 years ago)
- bdvl (☆111 · Updated 2 years ago)
- A personal collection of Windows CVEs I have turned into exploit source, as well as a collection of payloads I've written to be used in c… (☆120 · Updated 2 years ago)
- A payload delivery system which embeds payloads in an executable's icon file! (☆73 · Updated 11 months ago)
- Bypass malware sandbox evasion RAM check (☆137 · Updated 2 years ago)
- Undetectable malware, with AV bypass techniques, anti-disassembly, etc. (☆88 · Updated 4 years ago)
- This is a simple example of DLL hijacking enabling proxy execution. (☆65 · Updated last year)
- Stealth dropper executing remote binaries without dropping them on disk (HTTP3 support, ICMP support, invisible tracks, cross-platform, … (☆195 · Updated 6 months ago)
- (unnamed repository) (☆84 · Updated 2 years ago)
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831) (☆41 · Updated last year)
- Exploit Development - Weaponized Exploit and Proof of Concepts (PoC) (☆218 · Updated last year)
- C++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked (☆86 · Updated 4 years ago)
- PoC MSVC COFF object file loader/injector. (☆169 · Updated 3 years ago)
- (unnamed repository) (☆33 · Updated 2 years ago)
- A shellcode generator with encryption, encoding and polymorphism facilities built in (☆30 · Updated 2 years ago)
- Stealthy loader-cum-dropper/stage-1/stager targeting Windows 10 (☆37 · Updated 2 years ago)
- A collection of source code, binaries, and compilation scripts designed to bypass detection (☆25 · Updated 2 years ago)
- Medusa is a cross-platform C2 agent compatible with Python 2.7 and 3.8, compatible with Mythic (☆168 · Updated last year)