Alternatives and similar repositories for rooty:

Users that are interested in rooty are comparing it to the libraries listed below

• shogunlab / building-c2-implants-in-cpp
  The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).
  ☆229Updated 4 months ago
• connormcgarr / Kernel-Exploits
  Kernel Exploits
  ☆252Updated 3 years ago
• mav8557 / Father
  LD_PRELOAD rootkit
  ☆131Updated last year
• sad0p / d0zer
  Elf binary infector written in Go.
  ☆209Updated 4 months ago
• reveng007 / reveng_rtkit
  Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…
  ☆250Updated last year
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆222Updated last year
• carloslack / KoviD
  Red-Team Linux kernel rootkit
  ☆364Updated 2 weeks ago
• therealdreg / x64dbg-exploiting
  Do you want to use x64dbg instead of immunity debugger? oscp eCPPTv2 buffer overflow exploits pocs
  ☆87Updated last year
• uf0o / rootkit-arsenal-guacamole
  An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples
  ☆70Updated 3 years ago
• BishopFox / asminject
  Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86…
  ☆130Updated 2 years ago
• ByteHackr / WindowsExploitation
  A curated list of awesome Windows Exploitation resources, and shiny things.
  ☆74Updated 7 years ago
• h3xduck / Umbra
  A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
  ☆126Updated 3 years ago
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆110Updated 2 years ago
• Error996 / bdvl
  bdvl
  ☆113Updated 3 years ago
• hasherezade / process_overwriting
  Yet another variant of Process Hollowing
  ☆392Updated 3 months ago
• c0de90e7 / GhostWriting
  GhostWriting Injection Technique.
  ☆171Updated 7 years ago
• leandrofroes / gftrace
  A command line Windows API tracing tool for Golang binaries.
  ☆156Updated last year
• hasherezade / masm_shc
  A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.
  ☆178Updated 2 weeks ago
• Andy53 / ERC.Xdbg
  An Xdbg Plugin of the ERC Library.
  ☆178Updated last week
• deepinstinct / Dirty-Vanity
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆635Updated 2 years ago
• W3ndige / linux-process-injection
  Proof of concept for injecting simple shellcode via ptrace into a running process.
  ☆69Updated 2 years ago
• sha0coder / mwemu
  x86 malware emulator
  ☆217Updated last month
• SaadAhla / HeapCrypt
  Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap
  ☆240Updated last year
• waleedassar / RestrictedKernelLeaks
  ☆159Updated 3 years ago
• R3tr074 / brokepkg
  The LKM rootkit working in Linux Kernels 2.6.x/3.x/4.x/5.x
  ☆128Updated last year
• lcashdol / UPX
  A utility to fix intentionally corrupted UPX packed files.
  ☆85Updated last year
• Dec0ne / HWSyscalls
  HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
  ☆668Updated last year
• romainthomas / reverse-engineering-workshop
  Slides & Hands-on for the reverse engineering workshop
  ☆178Updated 2 years ago
• trustedsec / ELFLoader
  ☆269Updated 2 years ago
• malware-unicorn / GoPEInjection
  Golang PE injection on windows
  ☆167Updated 3 years ago