h3xduck / UmbraLinks
A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
☆127Updated 3 years ago
Alternatives and similar repositories for Umbra
Users that are interested in Umbra are comparing it to the libraries listed below
Sorting:
- A local LKM rootkit loader/dropper that lists available security mechanisms☆52Updated 3 years ago
- LD_PRELOAD rootkit☆132Updated last year
- -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.☆27Updated 4 years ago
- ☆55Updated 3 years ago
- bdvl☆113Updated 3 years ago
- Malware indetectable, with AV bypass techniques, anti-disassembly, etc.☆98Updated 5 years ago
- Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)☆222Updated 2 years ago
- A collection of Linux kernel rootkits found across the internet taken and put together☆76Updated 2 years ago
- A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.☆36Updated last year
- The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).☆229Updated 6 months ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…☆106Updated 4 months ago
- PoC MSVC COFF Object file loader/injector.☆177Updated 4 years ago
- Shellcodev is a tool designed to help and automate the process of shellcode creation.☆110Updated last year
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆70Updated 3 years ago
- ☆96Updated 3 years ago
- C++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked☆88Updated 5 years ago
- A repository dedicated to researching, documenting, developing, and ultimately, defending against various strains of malicious software.☆35Updated 3 months ago
- Bypass Malware Sandbox Evasion Ram check☆137Updated 2 years ago
- Finding secrets in kernel and user memory☆116Updated last year
- Cobalt Strike 4.4 Full cracked☆19Updated 3 years ago
- An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses☆66Updated 3 years ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…☆90Updated last year
- Golang PE injection on windows☆166Updated 3 years ago
- Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.☆83Updated 3 years ago
- ☆133Updated 2 years ago
- ☆113Updated 3 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 2 years ago
- Injects shellcode into remote processes using direct syscalls☆79Updated 4 years ago
- Detect strange memory regions and DLLs☆184Updated 3 years ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆81Updated last year