joaoviictorti / shadow-rsLinks
Windows Kernel Rootkit in Rust
☆620Updated 3 weeks ago
Alternatives and similar repositories for shadow-rs
Users that are interested in shadow-rs are comparing it to the libraries listed below
Sorting:
- Because AV evasion should be easy.☆749Updated 6 months ago
- Centralized resource for listing and organizing known injection techniques and POCs☆583Updated last month
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆541Updated last month
- Complete list of LPE exploits for Windows (starting from 2023)☆798Updated last week
- Rusty Arsenal - A collection of experimental Process Injection and Post-Exploitation Techniques in Rust☆270Updated last year
- A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs☆335Updated this week
- Evasive shellcode loader☆368Updated 8 months ago
- Dynamically invoke arbitrary unmanaged code☆348Updated 7 months ago
- ROP-based sleep obfuscation to evade memory scanners☆357Updated this week
- Rusty Rootkit - Windows Kernel Rookit in Rust (Codename: Eagle)☆559Updated 2 years ago
- Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)☆538Updated last year
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)☆340Updated last year
- Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls☆370Updated 8 months ago
- Shellcode loader generator with multiples features☆485Updated 5 months ago
- ☆7Updated 5 months ago
- Real fucking shellcode encryptor & obfuscator tool☆913Updated last month
- A set of fully-undetectable process injection techniques abusing Windows Thread Pools☆1,127Updated last year
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆296Updated last month
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆523Updated last year
- Threadless Process Injection through entry point hijacking☆345Updated 9 months ago
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…☆314Updated 8 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆688Updated 3 months ago
- Performing Indirect Clean Syscalls☆558Updated 2 years ago
- Unorthodox and stealthy way to inject a DLL into the explorer using icons☆320Updated last month
- Analyse your malware to surgically obfuscate it☆474Updated 3 weeks ago
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆351Updated last month
- Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of…☆397Updated last week
- ☆397Updated 6 months ago
- A command and control framework written in rust.☆348Updated 4 months ago
- LPE exploit for CVE-2023-21768☆490Updated last year