h3xduck / UmbraLinks
A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
☆133Updated 4 years ago
Alternatives and similar repositories for Umbra
Users that are interested in Umbra are comparing it to the libraries listed below
Sorting:
- LD_PRELOAD rootkit☆137Updated last year
- ☆59Updated 4 years ago
- A local LKM rootkit loader/dropper that lists available security mechanisms☆52Updated 4 years ago
- Multi-threaded, multi-os/platform (Linux/Windows) c2 server and Windows reverse TCP shell client both written in C.☆121Updated 3 years ago
- A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.☆36Updated 2 years ago
- Embed an executable as a PE resource, drops and launches it in runtime.☆64Updated 4 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 5 years ago
- ☆37Updated 10 months ago
- The AMSI server for Avred☆33Updated 2 years ago
- Let's try to create a rootkit!☆19Updated 5 years ago
- A shellcode generator with encryption, encoding and polymorphism facilities built-in☆34Updated 3 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 3 years ago
- bdvl☆115Updated 3 years ago
- Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF☆75Updated 4 years ago
- Windows internals and exploitation tricks☆112Updated 2 months ago
- Finding secrets in kernel and user memory☆116Updated 2 years ago
- Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.☆86Updated 4 years ago
- An evil bit backdoor for iptables☆55Updated 4 years ago
- This is a simple example of DLL hijacking enabling proxy execution.☆70Updated 2 years ago
- Attacking the cleanup_module function of a kernel module☆53Updated 7 months ago
- Simple ransomware written in Rust. Part of the building a rustomware blog post.☆35Updated 2 years ago
- C++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked☆90Updated 5 years ago
- Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…☆89Updated 2 years ago
- An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses☆66Updated 3 years ago
- Malware indetectable, with AV bypass techniques, anti-disassembly, etc.☆109Updated 5 years ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…☆111Updated 11 months ago
- Malicious Shortcut(.lnk) Generator☆86Updated 7 years ago
- Injects HTML/PHP/ASP to the PE☆104Updated 5 years ago
- Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.☆62Updated 3 years ago
- -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.☆27Updated 5 years ago