loneicewolf/KernelMode-Code external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

loneicewolf/KernelMode-Code

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/loneicewolf/KernelMode-Code)

Close

loneicewolf / KernelMode-CodeView on GitHubMore

• External links
• Readme badge

2022 Updated Kernelmode-Code

☆32Mar 23, 2024Updated 2 years ago

Alternatives and similar repositories for KernelMode-Code

Users that are interested in KernelMode-Code are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• 0mWindyBug / KeystrokeSniffer

  View on GitHub
  a windows kernel keylogger that works
  ☆20Feb 12, 2024Updated 2 years ago
• alfarom256 / MinifilterResearch

  View on GitHub
  ☆17Oct 31, 2022Updated 3 years ago
• loneicewolf / flame-sourcecode

  View on GitHub
  UPDATED 2022 Flame malware sourcecode available !! Forked. I will later provide my sample of Flame, Duqu and Gauss.
  ☆19Mar 4, 2024Updated 2 years ago
• loneicewolf / DUQU

  View on GitHub
  DUQU MALWARE SOURCE + BINARY + More coming
  ☆14Feb 6, 2023Updated 3 years ago
• KelvinMsft / TechMyths

  View on GitHub
  ☆18Mar 28, 2023Updated 3 years ago
• NordVPN Threat Protection Pro™ • Ad
  Take your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
• loneicewolf / smbdoor

  View on GitHub
  improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys
  ☆49Mar 10, 2023Updated 3 years ago
• loneicewolf / EXEC_LKM

  View on GitHub
  A LKM (Loadable Kernel Module) to execute a command as root; I include a example of using netcat and a compiled(with source and steps on…
  ☆17Oct 8, 2024Updated last year
• CyberSecurityExploitDevelopment / SMBLibrary

  View on GitHub
  Windows CIFS/SMB packet generation and SMB networking library
  ☆12Aug 25, 2020Updated 5 years ago
• loneicewolf / nls_933w_dll

  View on GitHub
  [+] nls_933w.dll + [+] WIN32M.SYS MALWARE- ONLY FOR ACADEMICAL RESEARCH PURPOSES!
  ☆11Sep 20, 2025Updated 6 months ago
• freesoul / netstub

  View on GitHub
  Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.
  ☆17Sep 29, 2018Updated 7 years ago
• dilibili / Hook_KiUserExceptionDispatcher

  View on GitHub
  R3劫持所有异常
  ☆15Jan 4, 2021Updated 5 years ago
• ioncodes / rapid-kdbg-hyperv

  View on GitHub
  ☆15Mar 13, 2023Updated 3 years ago
• waleedassar / ALPC_CLIENT_SERVER

  View on GitHub
  Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.
  ☆21Jan 25, 2022Updated 4 years ago
• klezVirus / DCKFinder

  View on GitHub
  Dangling COM Keys Finder
  ☆17Nov 16, 2021Updated 4 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• alal4465 / Practical-Reverse-Engineering-Solutions

  View on GitHub
  Some drivers I've written while solving exercises from Practical Reverse Engineering
  ☆15Jan 9, 2022Updated 4 years ago
• loneicewolf / Gauss-Src

  View on GitHub
  GAUSS MALWARE Source [Striking similarities with Duqu, FlameR!, Fanny, StuxNet and more.] Source coming soon! + Binaries + Video show…
  ☆18Aug 4, 2022Updated 3 years ago
• vxcall / ZwDetectMemoryRead

  View on GitHub
  neat way to detect memory read using nt layer function.
  ☆13Aug 4, 2023Updated 2 years ago
• crvvdev / intraceptor

  View on GitHub
  Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.
  ☆31May 18, 2022Updated 3 years ago
• huoji120 / Etw-Syscall

  View on GitHub
  https://key08.com/index.php/2021/10/19/1375.html
  ☆72May 11, 2022Updated 3 years ago
• Speedi13 / RuntimeInstaller

  View on GitHub
  Microsoft Redistributable Download & Installer
  ☆19Oct 14, 2019Updated 6 years ago
• msmania / hk

  View on GitHub
  Injector with kernel power
  ☆18Jan 2, 2021Updated 5 years ago
• gabriellandau / CISpotter

  View on GitHub
  Code Integrity Violation Spotter
  ☆17Jun 11, 2024Updated last year
• estimated1337 / lenovo_exec

  View on GitHub
  CVE-2022-3699 with arbitrary kernel code execution capability
  ☆70Dec 27, 2022Updated 3 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• Fyyre / directntapi

  View on GitHub
  DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10
  ☆53Mar 12, 2024Updated 2 years ago
• eddeeh / drv-client

  View on GitHub
  A simple process query/manipulation tool using driver hooked system call. (2019)
  ☆12Aug 30, 2021Updated 4 years ago
• connormcgarr / EATGuard

  View on GitHub
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆115May 21, 2023Updated 2 years ago
• ajkhoury / Errata1337

  View on GitHub
  ☆69Dec 17, 2020Updated 5 years ago
• hasherezade / pin_n_sieve

  View on GitHub
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆63Aug 21, 2024Updated last year
• 0mWindyBug / MinifilterHook

  View on GitHub
  silence file system monitoring components by hooking their minifilters
  ☆61Jan 31, 2024Updated 2 years ago
• benheise / bootkit

  View on GitHub
  UEFI bootkit: Hardware Implant. In-Progress
  ☆15Mar 7, 2022Updated 4 years ago
• alfarom256 / UserVAtoPhysical

  View on GitHub
  Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address
  ☆23Nov 22, 2021Updated 4 years ago
• klezVirus / LoGiC.NET

  View on GitHub
  A more advanced free and open .NET obfuscator using dnlib.
  ☆10Oct 4, 2022Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• KiFilterFiberContext / warbird-obfuscator

  View on GitHub
  Integration of Microsoft Warbird with the MSVC compiler
  ☆134Jul 16, 2023Updated 2 years ago
• loneicewolf / fanny.bmp

  View on GitHub
  fanny.bmp cleaned MALWARE - ONLY FOR ACADEMICAL RESEARCH AND EDUCATIONAL PURPOSES! (incl Metasploit detection Module)
  ☆45Jul 9, 2025Updated 9 months ago
• 0xcpu / exthost

  View on GitHub
  A POC for Windows Extension Host hooking
  ☆24Jul 13, 2019Updated 6 years ago
• Lima-X / XOrCryptEx

  View on GitHub
  XOrCryptEx lightweight C Utility/Algorithm
  ☆13Mar 3, 2022Updated 4 years ago
• Air14 / KDBGDecryptor

  View on GitHub
  A simple example how to decrypt kernel debugger data block
  ☆32Feb 8, 2021Updated 5 years ago
• loneicewolf / Agent.btz

  View on GitHub
  agent.btz download MALWARE BINARY PROVIDED + POC video
  ☆23Jul 11, 2021Updated 4 years ago
• h4xu3lyn / FuckPg

  View on GitHub
  Analysing and defeating PatchGuard universally
  ☆35Nov 4, 2020Updated 5 years ago