m0hamed / lkm-rootkit
A rootkit implemented as a linux kernel module
☆16Updated 9 years ago
Related projects ⓘ
Alternatives and complementary repositories for lkm-rootkit
- windows create process with a dll load first time via LdrHook☆30Updated 8 years ago
- ☆17Updated 5 years ago
- Anti-technique Codes, Detection of Anti-technique codes☆37Updated 11 years ago
- ☆33Updated 7 years ago
- A sample project for using Capstone from a driver in Visual Studio 2015☆33Updated 8 years ago
- Anti-AV compilation☆42Updated 11 years ago
- 🐧 A simple kernel-level rootkit☆19Updated 8 years ago
- PCAUSA Rawether for Windows Local Privilege Escalation☆36Updated 7 years ago
- ☆45Updated 6 years ago
- it's a simple LKM rootkit.☆11Updated 8 years ago
- Kernel mode windows NT API logger☆21Updated 5 years ago
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls☆39Updated 9 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆18Updated 8 years ago
- Windows hard shutdown shellcode. Don't need administrator rights.☆12Updated 8 years ago
- Just a proof of concept Linux rootkit that reads from syscalls.☆21Updated 6 years ago
- Code Injector Using Code Caves☆14Updated 9 years ago
- CVE-2014-0816☆24Updated 8 years ago
- ☆28Updated 7 years ago
- Anti live forensic linux LKM rootkit☆16Updated 7 years ago
- Static analysis tools for x86 assembly☆13Updated 7 years ago
- Miscellaneous old Exploit code and PoCs☆15Updated last month
- An IDA Pro script for creating a clearer idb for nymaim malware☆10Updated 6 years ago
- RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the …☆10Updated 9 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 6 years ago