h3xduck / Umbra
A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
☆122Updated 3 years ago
Alternatives and similar repositories for Umbra:
Users that are interested in Umbra are comparing it to the libraries listed below
- LD_PRELOAD rootkit☆128Updated 11 months ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…☆88Updated last year
- A local LKM rootkit loader/dropper that lists available security mechanisms☆52Updated 3 years ago
- Malware indetectable, with AV bypass techniques, anti-disassembly, etc.☆89Updated 4 years ago
- MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit☆37Updated last year
- BPFDoor Source Code. Originally found from Chinese Threat Actor Red Menshen☆43Updated 2 years ago
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆116Updated 2 years ago
- -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.☆27Updated 4 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 4 years ago
- ☆112Updated 2 years ago
- Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…☆87Updated last year
- Bypass Malware Sandbox Evasion Ram check☆137Updated 2 years ago
- bdvl☆112Updated 2 years ago
- ☆54Updated 3 years ago
- ☆36Updated 2 years ago
- Let's try to create a rootkit!☆20Updated 4 years ago
- Evasive Process Hollowing Techniques☆135Updated 4 years ago
- lpe poc for cve-2022-21882☆49Updated 3 years ago
- Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.☆81Updated 3 years ago
- Linux Kernel module-less implant (backdoor)☆71Updated 3 years ago
- ☆86Updated 2 years ago
- PoC MSVC COFF Object file loader/injector.☆170Updated 3 years ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…☆105Updated last week
- Cross-platform RAT, written in C☆79Updated 2 years ago
- Windows LPE exploit for CVE-2022-37969☆132Updated last year
- EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system.☆92Updated 3 years ago
- Finding secrets in kernel and user memory☆113Updated last year
- ☆67Updated last year
- 「🧊」Ring 3 Rootkit for Windows 10☆59Updated 2 months ago
- Bypass Malware Time Delays☆100Updated 2 years ago