loneicewolf / LOJAX

Related projects ⓘ

Alternatives and complementary repositories for LOJAX

• Cr4sh / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆10Updated 6 years ago
• connormcgarr / Kernel-Escalation-of-Privileges-Payloads
  NT AUTHORITY\SYSTEM
  ☆38Updated 4 years ago
• mgeeky / HEVD_Kernel_Exploit
  Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.
  ☆63Updated 3 years ago
• Cr4sh / efiXplorer
  IDA plugin for UEFI firmware analysis and reverse engineering automation
  ☆10Updated 2 years ago
• jussihi / SMM-Rootkit
  SMM rootkit similar to LoJax or MosaicRegressor
  ☆102Updated last year
• mzakyz666 / WikiLeaks-Marble-CIA
  Clone repository for Source Code secret anti-forensic tools Marble Framework CIA, Leaked by WikiLeaks.
  ☆30Updated 7 years ago
• hasherezade / hidden_bee_tools
  Parser for a custom executable format from Hidden Bee malware (first stage)
  ☆39Updated 2 months ago
• DanielAvinoam / TheSubZeroProject
  A multi-staged malware that contains a kernel mode rootkit and a remote system shell.
  ☆69Updated 3 years ago
• benheise / bootkit
  UEFI bootkit: Hardware Implant. In-Progress
  ☆11Updated 2 years ago
• fcccode / Vx-Engines
  Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware
  ☆25Updated 5 years ago
• bytecode77 / enter-product-key-privilege-escalation
  Enter Product Key Volatile Environment LPE
  ☆11Updated 2 years ago
• evilbuffer / Osiris-Sourcecode
  Alleged source code leak of Osiris banking trojan
  ☆37Updated 3 years ago
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆30Updated last year
• mgeeky / PEInfo
  Another Portable Executable files analysing stuff
  ☆18Updated 13 years ago
• loneicewolf / flame-sourcecode
  UPDATED 2022 Flame malware sourcecode available !! Forked. I will later provide my sample of Flame, Duqu and Gauss.
  ☆18Updated 8 months ago
• Keramas / WindowsKernelExploits
  Repository for Windows 10 x64 kernel research, exploitation learning, and reference/supplementary code.
  ☆13Updated 4 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆69Updated last year
• quantumcore / ReflectiveDLLInjectionTutorial
  This is a tutorial and introduction to Reflective DLL Injection + reading outputs of injected dll using named pipes.
  ☆18Updated 3 years ago
• realoriginal / bootdoor
  An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
  ☆59Updated last year
• bytecode77 / taskmgr-privilege-escalation
  TaskMgr Volatile Environment LPE
  ☆12Updated 2 years ago
• XaFF-XaFF / Shellcodev
  Shellcodev is a tool designed to help and automate the process of shellcode creation.
  ☆100Updated last year
• loneicewolf / fanny.bmp
  fanny.bmp MALWARE - ONLY FOR ACADEMICAL RESEARCH AND EDUCATIONAL PURPOSES! (incl Metasploit detection Module)
  ☆35Updated 7 months ago
• AzAgarampur / PsForge
  Process Hollowing demonstration & explanation
  ☆32Updated 3 years ago
• APT64 / KernelAVKiller
  Antivirus killer using ring-0 kernel driver. Antivirus processes will automatically close while the killer is running.
  ☆6Updated 2 years ago
• jthuraisamy / av-fingerprints
  Antivirus Emulator Fingerprints
  ☆27Updated 6 years ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆29Updated 5 years ago
• NUL0x4C / RecycleBinPersistence
  using the Recycle Bin to insure persistence
  ☆11Updated 2 years ago