2022 Updated Kernelmode-Code
☆33Mar 23, 2024Updated last year
Alternatives and similar repositories for KernelMode-Code
Users that are interested in KernelMode-Code are comparing it to the libraries listed below
Sorting:
- a windows kernel keylogger that works☆20Feb 12, 2024Updated 2 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- UPDATED 2022 Flame malware sourcecode available !! Forked. I will later provide my sample of Flame, Duqu and Gauss.☆19Mar 4, 2024Updated 2 years ago
- DUQU MALWARE SOURCE + BINARY + More coming☆13Feb 6, 2023Updated 3 years ago
- ☆18Mar 28, 2023Updated 2 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Mar 10, 2023Updated 3 years ago
- A LKM (Loadable Kernel Module) to execute a command as root; I include a example of using netcat and a compiled(with source and steps on…☆16Oct 8, 2024Updated last year
- Windows CIFS/SMB packet generation and SMB networking library☆12Aug 25, 2020Updated 5 years ago
- [+] nls_933w.dll + [+] WIN32M.SYS MALWARE- ONLY FOR ACADEMICAL RESEARCH PURPOSES!☆11Sep 20, 2025Updated 6 months ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- R3劫持所有异常☆15Jan 4, 2021Updated 5 years ago
- ☆15Mar 13, 2023Updated 3 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆15Jan 9, 2022Updated 4 years ago
- GAUSS MALWARE Source [Striking similarities with Duqu, FlameR!, Fanny, StuxNet and more.] Source coming soon! + Binaries + Video show…☆18Aug 4, 2022Updated 3 years ago
- neat way to detect memory read using nt layer function.☆14Aug 4, 2023Updated 2 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆32May 18, 2022Updated 3 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- Microsoft Redistributable Download & Installer☆19Oct 14, 2019Updated 6 years ago
- Injector with kernel power☆18Jan 2, 2021Updated 5 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- CVE-2022-3699 with arbitrary kernel code execution capability☆71Dec 27, 2022Updated 3 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Mar 12, 2024Updated 2 years ago
- A simple process query/manipulation tool using driver hooked system call. (2019)☆12Aug 30, 2021Updated 4 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- ☆69Dec 17, 2020Updated 5 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆63Aug 21, 2024Updated last year
- silence file system monitoring components by hooking their minifilters☆61Jan 31, 2024Updated 2 years ago
- UEFI bootkit: Hardware Implant. In-Progress☆15Mar 7, 2022Updated 4 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- A more advanced free and open .NET obfuscator using dnlib.☆10Oct 4, 2022Updated 3 years ago
- Integration of Microsoft Warbird with the MSVC compiler☆133Jul 16, 2023Updated 2 years ago
- fanny.bmp cleaned MALWARE - ONLY FOR ACADEMICAL RESEARCH AND EDUCATIONAL PURPOSES! (incl Metasploit detection Module)☆46Jul 9, 2025Updated 8 months ago
- A POC for Windows Extension Host hooking☆24Jul 13, 2019Updated 6 years ago
- XOrCryptEx lightweight C Utility/Algorithm☆11Mar 3, 2022Updated 4 years ago
- A simple example how to decrypt kernel debugger data block☆32Feb 8, 2021Updated 5 years ago
- agent.btz download MALWARE BINARY PROVIDED + POC video☆20Jul 11, 2021Updated 4 years ago
- Analysing and defeating PatchGuard universally☆36Nov 4, 2020Updated 5 years ago
