h3xduck / UmbraLinks
A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
☆131Updated 4 years ago
Alternatives and similar repositories for Umbra
Users that are interested in Umbra are comparing it to the libraries listed below
Sorting:
- LD_PRELOAD rootkit☆137Updated last year
- A local LKM rootkit loader/dropper that lists available security mechanisms☆52Updated 4 years ago
- Multi-threaded, multi-os/platform (Linux/Windows) c2 server and Windows reverse TCP shell client both written in C.☆121Updated 3 years ago
- Embed an executable as a PE resource, drops and launches it in runtime.☆66Updated 4 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 5 years ago
- Linux Kernel module-less implant (backdoor)☆74Updated 4 years ago
- Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF☆74Updated 4 years ago
- ☆37Updated 9 months ago
- bdvl☆115Updated 3 years ago
- Malware indetectable, with AV bypass techniques, anti-disassembly, etc.☆108Updated 5 years ago
- This is a simple example of DLL hijacking enabling proxy execution.☆66Updated 2 years ago
- ☆57Updated 3 years ago
- MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit☆41Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 3 years ago
- Attacking the cleanup_module function of a kernel module☆54Updated 5 months ago
- Let's try to create a rootkit!☆20Updated 5 years ago
- A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.☆36Updated 2 years ago
- An evil bit backdoor for iptables☆54Updated 4 years ago
- Malicious Shortcut(.lnk) Generator☆86Updated 7 years ago
- Compile shellcode into an exe file from Windows or Linux.☆70Updated 6 months ago
- Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…☆89Updated 2 years ago
- Remote Code Execution on Microsoft Exchange Server through fixed cryptographic keys☆22Updated 4 years ago
- Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.☆85Updated 3 years ago
- Injects shellcode into remote processes using direct syscalls☆77Updated 4 years ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…☆110Updated 10 months ago
- C++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked☆89Updated 5 years ago
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10☆37Updated 3 years ago
- UAC bypass abusing WinSxS in "wusa.exe". Referred from and similar to: https://github.com/L3cr0f/DccwBypassUAC , Kudos to L3cr0f and Fuz…☆33Updated 4 years ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…☆90Updated 3 months ago
- Rootkit Development tutorial series. Works on Kernel version 4.15 Can be adapted for 5.3+☆44Updated 3 years ago