loneicewolf / EXEC_LKMLinks
A LKM (Loadable Kernel Module) to execute a command as root; I include a example of using netcat and a compiled(with source and steps on how to compile) reverse shell provided in C.
☆16Updated last year
Alternatives and similar repositories for EXEC_LKM
Users that are interested in EXEC_LKM are comparing it to the libraries listed below
Sorting:
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Updated 2 years ago
- Injects shellcode into remote processes using direct syscalls☆77Updated 5 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 5 years ago
- Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.☆78Updated 2 years ago
- A local LKM rootkit loader/dropper that lists available security mechanisms☆52Updated 4 years ago
- using the gpu to hide your payload☆63Updated 3 years ago
- 64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free☆65Updated 2 years ago
- Crossplatform tool for inject shellcode into .exe and .dll binaries (x86 and x64)☆74Updated 2 weeks ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 3 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆106Updated 5 years ago
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆116Updated 3 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 4 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆53Updated 4 years ago
- Standalone Metasploit-like XOR encoder for shellcode☆50Updated last year
- NT AUTHORITY\SYSTEM☆43Updated 5 years ago
- Windows API Hashes used in the malwares☆42Updated 10 years ago
- Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key.☆81Updated 3 years ago
- Compile shellcode into an exe file from Windows or Linux.☆70Updated 7 months ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆39Updated 5 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆115Updated 4 years ago
- Process Hollowing demonstration & explanation☆35Updated 4 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆97Updated 6 years ago
- ☆57Updated 4 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆69Updated 3 years ago
- Assembly block for hooking windows API functions.☆92Updated 6 years ago
- UUID based Shellcode loader for your favorite C2☆86Updated 4 years ago
- ☆113Updated 3 years ago
- Bypass UAC by abusing the Internet Explorer Add-on installer☆56Updated 4 years ago
- Simple ransomware written in Rust. Part of the building a rustomware blog post.☆34Updated 2 years ago
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses☆41Updated 5 years ago