joaoviictorti / shadow-rs
Windows Kernel Rootkit in Rust
☆521Updated 3 weeks ago
Alternatives and similar repositories for shadow-rs:
Users that are interested in shadow-rs are comparing it to the libraries listed below
- Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)☆526Updated last year
- Rusty Rootkit - Windows Kernel Rookit in Rust (Codename: Eagle)☆546Updated last year
- Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls☆364Updated 5 months ago
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆527Updated 3 weeks ago
- Rusty Arsenal - A collection of experimental Process Injection and Post-Exploitation Techniques in Rust☆248Updated last year
- ROP-based sleep obfuscation to evade memory scanners☆337Updated last month
- COM ViewLogger — new malware keylogging technique☆347Updated 2 months ago
- Dynamically invoke arbitrary unmanaged code☆336Updated 4 months ago
- Real fucking shellcode encryptor & obfuscator tool☆815Updated last month
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)☆334Updated last year
- Complete list of LPE exploits for Windows (starting from 2023)☆763Updated last week
- Because AV evasion should be easy.☆678Updated 4 months ago
- Evasive shellcode loader☆350Updated 5 months ago
- A command and control framework written in rust.☆316Updated last month
- Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.☆266Updated 8 months ago
- Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of…☆345Updated 5 months ago
- Tool to decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface with path validation and encryption protection…☆338Updated 4 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆656Updated 2 weeks ago
- A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs☆274Updated 2 months ago
- ☆225Updated 2 months ago
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆272Updated 6 months ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆209Updated 2 years ago
- Threadless Process Injection through entry point hijacking☆343Updated 6 months ago
- Windows Defender Killer | C++ Code Disabling Permanently Windows Defender using Registry Keys☆447Updated last year
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆278Updated 10 months ago
- Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.☆291Updated 11 months ago
- Call stack spoofing for Rust☆326Updated last month
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆252Updated 2 months ago
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.☆637Updated last year
- Unorthodox and stealthy way to inject a DLL into the explorer using icons☆309Updated last month