Rusty Rootkit - Windows Kernel Rookit in Rust (Codename: Eagle)
☆574Jun 5, 2023Updated 2 years ago
Alternatives and similar repositories for eagle-rs
Users that are interested in eagle-rs are comparing it to the libraries listed below
Sorting:
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)☆360Mar 2, 2024Updated 2 years ago
- Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)☆563Sep 12, 2023Updated 2 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆233Mar 23, 2023Updated 2 years ago
- Rusty Hypervisor - Windows Kernel Blue Pill Type-2 Hypervisor in Rust (Codename: Matrix)☆321Jul 7, 2024Updated last year
- Call stack spoofing for Rust☆357Feb 7, 2025Updated last year
- Rust Weaponization for Red Team Engagements.☆2,988Apr 25, 2024Updated last year
- Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.☆282Feb 8, 2024Updated 2 years ago
- Nidhogg is an all-in-one simple to use windows kernel rootkit.☆2,274Feb 15, 2026Updated 2 weeks ago
- Dynamically invoke arbitrary unmanaged code☆358Feb 19, 2026Updated 2 weeks ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,006Jun 4, 2024Updated last year
- KaynLdr is a Reflective Loader written in C/ASM☆555Dec 3, 2023Updated 2 years ago
- Sleep Obfuscation☆817Dec 3, 2023Updated 2 years ago
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆591Aug 2, 2025Updated 7 months ago
- Examples on how to write Windows kernel drivers in Rust☆245Apr 23, 2024Updated last year
- Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)☆343Aug 31, 2024Updated last year
- A modern 32/64-bit position independent implant template☆1,295Mar 21, 2025Updated 11 months ago
- UAC bypass by abusing RPC and debug objects.☆627Oct 19, 2023Updated 2 years ago
- Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.☆936Mar 29, 2022Updated 3 years ago
- PoCs and tools for investigation of Windows process execution techniques☆953Feb 2, 2026Updated last month
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.☆677Nov 9, 2023Updated 2 years ago
- Windows shellcode development in Rust☆305Feb 6, 2021Updated 5 years ago
- ☆1,788Aug 30, 2024Updated last year
- Windows Kernel Rootkit in Rust☆677Oct 10, 2025Updated 4 months ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆1,401Nov 22, 2023Updated 2 years ago
- SysWhispers on Steroids - AV/EDR evasion via direct system calls.☆1,594Jul 31, 2024Updated last year
- ☆505Aug 14, 2022Updated 3 years ago
- x64 binary obfuscator☆1,960Jul 14, 2023Updated 2 years ago
- Reuse open handles to dynamically dump LSASS.☆246Apr 4, 2024Updated last year
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST☆722Aug 18, 2023Updated 2 years ago
- Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.☆319Updated this week
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆535Aug 1, 2022Updated 3 years ago
- A cross platform C2/post-exploitation framework.☆706Oct 8, 2022Updated 3 years ago
- A rust library that allows you to host the CLR and execute dotnet binaries.☆235Mar 12, 2025Updated 11 months ago
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)☆558Apr 8, 2025Updated 10 months ago
- Now You See Me, Now You Don't☆1,025Jan 23, 2026Updated last month
- A COFF loader made in Rust☆327Feb 26, 2026Updated last week
- Shellcode injection technique. Given as C++ header, standalone Rust program or library.☆706Sep 26, 2023Updated 2 years ago
- ☆153Jan 6, 2023Updated 3 years ago
- Shoggoth: Asmjit Based Polymorphic Encryptor☆781Apr 10, 2024Updated last year