joaoviictorti / shadow-rs
Windows Kernel Rootkit in Rust
☆659 · Updated 2 weeks ago
Alternatives and similar repositories for shadow-rs
Users that are interested in shadow-rs are comparing it to the libraries listed below
- Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antiv… ☆426 · Updated 2 weeks ago
- Centralized resource for listing and organizing known injection techniques and POCs ☆646 · Updated last month
- Rusty Rootkit - Windows Kernel Rootkit in Rust (Codename: Eagle) ☆566 · Updated 2 years ago
- Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus) ☆551 · Updated 2 years ago
- Because AV evasion should be easy. ☆823 · Updated 11 months ago
- Evasion by machine code de-optimization. ☆408 · Updated last year
- A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs ☆331 · Updated 4 months ago
- Complete list of LPE exploits for Windows (starting from 2023) ☆835 · Updated 2 months ago
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features. ☆567 · Updated 2 months ago
- Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters. ☆300 · Updated 4 months ago
- Evasive shellcode loader ☆390 · Updated last year
- ROP-based sleep obfuscation to evade memory scanners ☆365 · Updated 4 months ago
- BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology. (CVE-2025-52915, CVE-2025-1055,). ☆402 · Updated last week
- Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls ☆380 · Updated last year
- Real fucking shellcode encryptor & obfuscator tool ☆947 · Updated last week
- RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust 🦀 ☆1,759 · Updated 2 weeks ago
- A command and control framework written in rust. ☆374 · Updated last month
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom) ☆352 · Updated last year
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST ☆719 · Updated 2 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird … ☆721 · Updated 2 months ago
- Performing Indirect Clean Syscalls ☆582 · Updated 2 years ago
- Shoggoth: Asmjit Based Polymorphic Encryptor ☆753 · Updated last year
- Now You See Me, Now You Don't ☆986 · Updated last month
- COM ViewLogger — new malware keylogging technique ☆393 · Updated 9 months ago
- Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) - all in … ☆1,109 · Updated 2 weeks ago
- Threadless Process Injection through entry point hijacking ☆348 · Updated last year
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve… ☆569 · Updated last year
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi… ☆382 · Updated last year
- A set of fully-undetectable process injection techniques abusing Windows Thread Pools ☆1,184 · Updated last year