loneicewolf / EXEC_LKMLinks
A LKM (Loadable Kernel Module) to execute a command as root; I include a example of using netcat and a compiled(with source and steps on how to compile) reverse shell provided in C.
☆16Updated 11 months ago
Alternatives and similar repositories for EXEC_LKM
Users that are interested in EXEC_LKM are comparing it to the libraries listed below
Sorting:
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆50Updated 2 years ago
- using the gpu to hide your payload☆59Updated 3 years ago
- Injects shellcode into remote processes using direct syscalls☆79Updated 4 years ago
- Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key.☆77Updated 3 years ago
- Crossplatform tool for inject shellcode into .exe and .dll binaries (x86 and x64)☆71Updated last year
- A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…☆129Updated 4 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆105Updated 4 years ago
- A local LKM rootkit loader/dropper that lists available security mechanisms☆52Updated 4 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 4 years ago
- UAC bypass abusing WinSxS in "wusa.exe". Referred from and similar to: https://github.com/L3cr0f/DccwBypassUAC , Kudos to L3cr0f and Fuz…☆34Updated 4 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆40Updated 4 years ago
- 💻 Windows 10 Kernel-mode rootkit☆32Updated 3 years ago
- 64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free☆65Updated 2 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD)☆84Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 2 years ago
- A payload delivery system which embeds payloads in an executable's icon file!☆74Updated last year
- Kernel Mode Driver for Elevating Process Privileges☆133Updated 2 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆53Updated 4 years ago
- NT AUTHORITY\SYSTEM☆39Updated 5 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆66Updated 3 years ago
- Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.☆60Updated 3 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 3 years ago
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆116Updated 2 years ago
- ☆112Updated 2 years ago
- Bypass UAC by abusing the Internet Explorer Add-on installer☆54Updated 4 years ago
- Hijack Printconfig.dll to execute shellcode☆99Updated 4 years ago
- Offensive RPC PoC☆91Updated 3 years ago
- Standalone Metasploit-like XOR encoder for shellcode☆50Updated last year
- Bypass Windows defender syscall☆19Updated 4 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆56Updated 3 years ago