h3xduck / Umbra
An LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
☆122 Updated 3 years ago
Alternatives and similar repositories for Umbra:
Users that are interested in Umbra are comparing it to the libraries listed below
- Malware undetectable, with AV bypass techniques, anti-disassembly, etc. ☆91 Updated 4 years ago
- LD_PRELOAD rootkit ☆131 Updated last year
- -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform. ☆27 Updated 4 years ago
- A local LKM rootkit loader/dropper that lists available security mechanisms ☆52 Updated 3 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users ☆42 Updated 2 years ago
- DDoor - cross platform backdoor using dns txt records ☆30 Updated 3 years ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat… ☆90 Updated last year
- BPFDoor Source Code. Originally found from Chinese Threat Actor Red Menshen ☆44 Updated 2 years ago
- Bypass Malware Sandbox Evasion Ram check ☆137 Updated 2 years ago
- bdvl ☆113 Updated 3 years ago
- Stealth dropper executing remote binaries without dropping them on disk. (HTTP3 support, ICMP support, invisible tracks, cross-platform,.… ☆195 Updated 8 months ago
- Linux Kernel module-less implant (backdoor) ☆72 Updated 4 years ago
- MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit ☆39 Updated last year
- (Sim)ulate (Ba)zar Loader ☆29 Updated 4 years ago
- using the gpu to hide your payload ☆56 Updated 2 years ago
- A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go. ☆36 Updated last year
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10 ☆38 Updated 2 years ago
- Injects shellcode into remote processes using direct syscalls ☆77 Updated 4 years ago
- Bypass UAC by abusing the Internet Explorer Add-on installer ☆51 Updated 3 years ago
- Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis. ☆82 Updated 3 years ago
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples ☆69 Updated 2 years ago
- A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2 ☆138 Updated 2 years ago
- PoC of a UEFI Petya ransomware ☆41 Updated 2 years ago
- UAC bypass abusing WinSxS in "wusa.exe". Referred from and similar to: https://github.com/L3cr0f/DccwBypassUAC , Kudos to L3cr0f and Fuz… ☆33 Updated 3 years ago
- Finding secrets in kernel and user memory ☆115 Updated last year
- Deleting Shadow Copies In Pure C++ ☆114 Updated 2 years ago
- Bypass Malware Time Delays ☆100 Updated 2 years ago
- Recreating and reviewing the Windows persistence methods ☆37 Updated 3 years ago