milabs / kmatryoshkaView external linksLinks
Matryoshka - stacked LKM loader
☆54Oct 8, 2023Updated 2 years ago
Alternatives and similar repositories for kmatryoshka
Users that are interested in kmatryoshka are comparing it to the libraries listed below
Sorting:
- Linux Kernel hooking engine (x86)☆387Oct 14, 2025Updated 4 months ago
- Code injection from Linux kernel to a process☆24May 19, 2023Updated 2 years ago
- Simple remote administration tool. Written in c++ and MASM.☆18May 16, 2018Updated 7 years ago
- Linux kernel module that provides remote backdoor using netfilters , file and pid hiding.☆11Apr 1, 2017Updated 8 years ago
- Various shellcodes☆13Sep 1, 2020Updated 5 years ago
- ☆11Apr 23, 2019Updated 6 years ago
- Learn Winapi in this Repo with examples, to understand its abstraction in reverse engineering for Windows.☆11Aug 8, 2022Updated 3 years ago
- ☆14Sep 23, 2023Updated 2 years ago
- ☆10Jun 26, 2024Updated last year
- Ftrace Based Linux Loadable Kernel Module Rootkit for Linux Kernel 5.x up to linux kernel 6.2 on x86_64, hides files, hides process, hide…☆28Feb 4, 2026Updated last week
- Shellcode process injector☆28May 22, 2020Updated 5 years ago
- Crypt::Curve25519☆12Jan 6, 2021Updated 5 years ago
- Remote Administration Tool For Windows VB.NET☆12Mar 19, 2019Updated 6 years ago
- Windows 32/64-bit Include files and Import Libraries☆16May 26, 2022Updated 3 years ago
- x86_64 LKM linux rootkit☆16Jul 1, 2023Updated 2 years ago
- ☆31Jan 12, 2022Updated 4 years ago
- Script to chain search parameters for MalwareBazaar☆12Jan 26, 2025Updated last year
- DOSrat by Criper98 ~ Un Remote Administrator Tool in ITA per Windows☆10Oct 14, 2022Updated 3 years ago
- StingRay / IMSI Catcher Detector☆12Sep 18, 2018Updated 7 years ago
- Spoof parent process ID☆13Jan 23, 2019Updated 7 years ago
- hook detector using emulation and comparing static with dynamic outputs☆17Aug 11, 2023Updated 2 years ago
- PoC for the Remote Desktop Gateway vulnerability - CVE-2020-0609 & CVE-2020-0610☆78Jan 31, 2020Updated 6 years ago
- Download payload to disk and install it to startup then melt.☆35Apr 9, 2019Updated 6 years ago
- Super IOCTL Basic Fuzzer☆15Sep 22, 2019Updated 6 years ago
- C++ Host .NET CLR & Run a assembly directly from ressource (RT_RCDATA) without extraction disk.☆15Mar 18, 2023Updated 2 years ago
- Kiddy - (linux) kernel identity spoofer☆15Mar 18, 2024Updated last year
- Simple little rootkit made in C☆13Feb 15, 2021Updated 4 years ago
- Diary of a reverse-engineer blog☆20Oct 2, 2023Updated 2 years ago
- Minifilter Callback Patching Proof-of-Concept☆73Oct 31, 2022Updated 3 years ago
- Obfuscates dynamic symbol table☆135Jan 10, 2019Updated 7 years ago
- We store attacks and exploits that we've found useful in our research☆13Jun 4, 2015Updated 10 years ago
- CVE-2022-1040☆17Sep 25, 2022Updated 3 years ago
- ☆16Oct 31, 2022Updated 3 years ago
- Original PoC for CVE-2023-30367☆16Jan 4, 2024Updated 2 years ago
- Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.☆66Oct 24, 2021Updated 4 years ago
- ☆16Nov 23, 2021Updated 4 years ago
- Decompiled NotPetya File Encryptor Code☆17Aug 23, 2022Updated 3 years ago
- H2HC 2018 Slides/Materials/Presentations☆36Nov 24, 2020Updated 5 years ago
- A Simple Linux ELF Runtime Crypter☆270Feb 25, 2025Updated 11 months ago