h3xduck / UmbraLinks
A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
☆130Updated 4 years ago
Alternatives and similar repositories for Umbra
Users that are interested in Umbra are comparing it to the libraries listed below
Sorting:
- LD_PRELOAD rootkit☆136Updated last year
- Malware indetectable, with AV bypass techniques, anti-disassembly, etc.☆107Updated 5 years ago
- ☆37Updated 7 months ago
- ☆55Updated 3 years ago
- A local LKM rootkit loader/dropper that lists available security mechanisms☆52Updated 4 years ago
- Multi-threaded, multi-os/platform (Linux/Windows) c2 server and Windows reverse TCP shell client both written in C.☆121Updated 3 years ago
- A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.☆36Updated 2 years ago
- Linux Kernel module-less implant (backdoor)☆74Updated 4 years ago
- A LKM (Loadable Kernel Module) to execute a command as root; I include a example of using netcat and a compiled(with source and steps on…☆16Updated last year
- An evil bit backdoor for iptables☆54Updated 4 years ago
- -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.☆28Updated 4 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 3 years ago
- Cross-platform RAT, written in C☆88Updated 3 years ago
- Let's try to create a rootkit!☆20Updated 5 years ago
- MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit☆41Updated last year
- (Sim)ulate (Ba)zar Loader☆29Updated 4 years ago
- Embed an executable as a PE resource, drops and launches it in runtime.☆62Updated 4 years ago
- This is a simple example of DLL hijacking enabling proxy execution.☆64Updated 2 years ago
- Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…☆89Updated 2 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 3 years ago
- In line function hooking LKM rootkit☆52Updated 5 years ago
- Windows Exploit List☆16Updated 6 years ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…☆107Updated 8 months ago
- A payload delivery system which embeds payloads in an executable's icon file!☆74Updated last year
- An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses☆67Updated 3 years ago
- bdvl☆114Updated 3 years ago
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10☆37Updated 2 years ago
- Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF☆74Updated 4 years ago
- Rootkit Development tutorial series. Works on Kernel version 4.15 Can be adapted for 5.3+☆44Updated 3 years ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…☆91Updated last month