iammaguire / Salient-RootkitView external linksLinks
A kernel mode Windows rootkit in development.
☆49Dec 31, 2021Updated 4 years ago
Alternatives and similar repositories for Salient-Rootkit
Users that are interested in Salient-Rootkit are comparing it to the libraries listed below
Sorting:
- automates exploits using ROP chains, using ntdll-scraper☆16May 26, 2022Updated 3 years ago
- Recreation of Lode Runner The Legend Returns☆14Feb 13, 2020Updated 6 years ago
- Скрытие строки от отладчиков и декомпиляторов☆51Oct 16, 2019Updated 6 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆21May 25, 2021Updated 4 years ago
- Reverse engineered source code of the autochk rootkit☆208Nov 1, 2019Updated 6 years ago
- c++ implementation of windows heavens gate☆70Feb 12, 2021Updated 5 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- Simple code to manipulate the memory of a usermode process from kernel.☆14Apr 24, 2023Updated 2 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆23Sep 18, 2017Updated 8 years ago
- Hide codes/data in the kernel address space.☆188May 8, 2021Updated 4 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆64Jun 19, 2019Updated 6 years ago
- ☆16Oct 31, 2022Updated 3 years ago
- a frame of amd-v svm nest☆53Apr 7, 2020Updated 5 years ago
- 锁主页驱动☆42Mar 14, 2019Updated 6 years ago
- ☆11Jun 24, 2024Updated last year
- 利用物理内存映射,实现虚拟内存的伪隐藏☆86Sep 15, 2022Updated 3 years ago
- ☆26Dec 29, 2021Updated 4 years ago
- Automatically exported from code.google.com/p/wskudp☆43Feb 3, 2016Updated 10 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- Windows system spy for Mouse, Keyboard and Gamepad(Joystick).☆15Jul 6, 2022Updated 3 years ago
- (shard of furikuri project) assambler for code obfuscation☆19Oct 29, 2019Updated 6 years ago
- ☆12Oct 19, 2017Updated 8 years ago
- ☆40Nov 5, 2019Updated 6 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆119Feb 8, 2022Updated 4 years ago
- All Nt Syscall and W32k Syscall in one asm, include, and call it!☆58Nov 4, 2021Updated 4 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆103Aug 3, 2023Updated 2 years ago
- Open Anti Cheat☆27Jul 16, 2022Updated 3 years ago
- VT-based PCI device monitor (SPI)☆158Oct 29, 2020Updated 5 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆218Feb 20, 2023Updated 2 years ago
- windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking☆53Aug 28, 2022Updated 3 years ago
- network filter driver that control network send speed, based on windows tdi framework.☆31Feb 16, 2024Updated last year
- NINA: No Injection, No Allocation x64 Process Injection Technique☆227Jun 9, 2020Updated 5 years ago
- An minifilter-based transparent encryptor on Windows.☆30Feb 27, 2017Updated 8 years ago
- Code to make it easier to write an NDIS network driver on Windows☆92Oct 1, 2023Updated 2 years ago
- 粗暴地枚举管理内核的WFP对象。 Manage kernel WFPs in a brutal way.☆27Jan 14, 2018Updated 8 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆33Nov 14, 2020Updated 5 years ago
- init☆14Mar 16, 2020Updated 5 years ago
- Microsoft Edge Microsoft Edge主页算法☆20Apr 15, 2019Updated 6 years ago