loneicewolf / EXEC_LKMLinks
A LKM (Loadable Kernel Module) to execute a command as root; I include a example of using netcat and a compiled(with source and steps on how to compile) reverse shell provided in C.
☆16Updated last year
Alternatives and similar repositories for EXEC_LKM
Users that are interested in EXEC_LKM are comparing it to the libraries listed below
Sorting:
- Injects shellcode into remote processes using direct syscalls☆77Updated 4 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆106Updated 4 years ago
- A local LKM rootkit loader/dropper that lists available security mechanisms☆52Updated 4 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 3 years ago
- using the gpu to hide your payload☆62Updated 3 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆50Updated 2 years ago
- Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.☆78Updated 2 years ago
- A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…☆129Updated 4 years ago
- Crossplatform tool for inject shellcode into .exe and .dll binaries (x86 and x64)☆73Updated last year
- Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.☆60Updated 3 years ago
- Assembly block for hooking windows API functions.☆93Updated 6 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆53Updated 4 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 5 years ago
- Bypass UAC by abusing the Internet Explorer Add-on installer☆55Updated 4 years ago
- 64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free☆65Updated 2 years ago
- lpe poc for cve-2022-21882☆49Updated 3 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD)☆84Updated 2 years ago
- ☆57Updated 3 years ago
- Hijack Printconfig.dll to execute shellcode☆99Updated 4 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆40Updated 4 years ago
- Process Hollowing demonstration & explanation☆34Updated 4 years ago
- Injects HTML/PHP/ASP to the PE☆103Updated 5 years ago
- Offensive RPC PoC☆88Updated 4 years ago
- Small POC for process ghosting☆40Updated 3 years ago
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆116Updated 3 years ago
- From directory deletion to SYSTEM shell☆111Updated 5 years ago
- Simple ransomware written in Rust. Part of the building a rustomware blog post.☆34Updated 2 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 4 years ago
- UUID based Shellcode loader for your favorite C2☆86Updated 3 years ago
- 💻 Windows 10 Kernel-mode rootkit☆32Updated 3 years ago