klecko / Rootkit
Let's try to create a rootkit!
☆20Updated 5 years ago
Alternatives and similar repositories for Rootkit:
Users that are interested in Rootkit are comparing it to the libraries listed below
- (Sim)ulate (Ba)zar Loader☆29Updated 4 years ago
- File Write Weapon for Privilege Escalation To get SYSTEM☆17Updated 4 years ago
- Code snippets for exploring malware techniques in C.☆12Updated last year
- C# implementation of Shellcode delivery techniques using PInvoke and DInvoke variations for API calling.☆35Updated 3 years ago
- Video files for eBook: "Bypassing AVs by C#.NET Programming"☆41Updated last year
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆39Updated 4 years ago
- Remote Code Execution on Microsoft Exchange Server through fixed cryptographic keys☆20Updated 3 years ago
- Collection of shellcode injection and execution techniques☆16Updated 3 years ago
- Reverse shell macro using Word VBA☆14Updated 4 years ago
- This is a 64 bit VBA implementation of Christophe Tafani-Dereeper's original VBA code described in his blog @ https://blog.christophetd.f…☆20Updated 5 years ago
- Recreating and reviewing the Windows persistence methods☆37Updated 3 years ago
- Injects shellcode into remote processes using direct syscalls☆77Updated 4 years ago
- Extracting Clear Text Passwords from mstsc.exe using API Hooking.☆16Updated 5 years ago
- Arbitrary File Delete in Windows Installer before 10.0.19045.2193☆29Updated 2 years ago
- I used this to see if an EDR is running in Safe Mode☆36Updated 4 years ago
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯☆40Updated 4 years ago
- Just another casual shellcode native loader☆24Updated 3 years ago
- A small commented POC for removing API hooks placed by AV/EDR.☆33Updated 4 years ago
- The source code of the SLAE assignments documented at https://rastating.github.io/☆23Updated 6 years ago
- ☆17Updated 4 years ago
- A simple injector that uses LoadLibraryA☆17Updated 4 years ago
- CVE-2019-1064 Local Privilege Escalation Vulnerability☆24Updated 5 years ago
- 64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"☆38Updated 3 years ago
- AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.☆64Updated 4 years ago
- adding a backdooruser using win32api☆80Updated 4 years ago
- NT AUTHORITY\SYSTEM☆39Updated 4 years ago
- Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets☆48Updated 3 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆39Updated 4 years ago
- Run PowerShell command without invoking powershell.exe☆35Updated 3 years ago
- Applying some AV evasion techniques on a metasploit reverse shell☆18Updated 4 years ago