h3xduck / UmbraLinks
A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
☆127Updated 3 years ago
Alternatives and similar repositories for Umbra
Users that are interested in Umbra are comparing it to the libraries listed below
Sorting:
- LD_PRELOAD rootkit☆132Updated last year
- A local LKM rootkit loader/dropper that lists available security mechanisms☆52Updated 3 years ago
- bdvl☆113Updated 3 years ago
- Attacking the cleanup_module function of a kernel module☆36Updated 2 months ago
- Finding secrets in kernel and user memory☆116Updated last year
- Bypass Malware Sandbox Evasion Ram check☆137Updated 2 years ago
- -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.☆27Updated 4 years ago
- Malware indetectable, with AV bypass techniques, anti-disassembly, etc.☆97Updated 5 years ago
- ☆113Updated 3 years ago
- Injects shellcode into remote processes using direct syscalls☆78Updated 4 years ago
- A repository dedicated to researching, documenting, developing, and ultimately, defending against various strains of malicious software.☆33Updated 2 months ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…☆90Updated last year
- ☆67Updated 2 years ago
- A shellcode generator with encryption, encoding and polymorphism facilities built-in☆33Updated 3 years ago
- EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system.☆94Updated 3 years ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…☆106Updated 3 months ago
- Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF☆73Updated 4 years ago
- MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit☆40Updated last year
- An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses☆66Updated 3 years ago
- ☆38Updated 3 months ago
- Deleting Shadow Copies In Pure C++☆114Updated 2 years ago
- GhostWriting Injection Technique.☆175Updated 7 years ago
- Detect strange memory regions and DLLs☆183Updated 3 years ago
- PoC MSVC COFF Object file loader/injector.☆177Updated 4 years ago
- Process Ghosting Tool☆174Updated 3 years ago
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆116Updated 2 years ago
- using the gpu to hide your payload☆58Updated 2 years ago
- A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.☆36Updated last year
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆108Updated 3 years ago
- Linux Kernel module-less implant (backdoor)☆72Updated 4 years ago