muffins / rookit_playground
Educational repository for learning about rootkits and Windows Kernel Hooks.
☆49, updated 9 years ago
Related projects:
- Python script to inject and run shellcodes through TLS callbacks (☆50, updated 9 years ago)
- Gozi-MBR-rootkit Bootkit Modified (☆68, updated 7 years ago)
- Windows Malware (☆41, updated 11 years ago)
- Supporting Files on my analysis of the malware designated hdroot. (☆59, updated 7 years ago)
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls (☆39, updated 8 years ago)
- KINS Banking Trojan (☆61, updated 9 years ago)
- (☆52, updated this week)
- public bugs/proof of concepts (☆47, updated 3 years ago)
- CAPE monitor DLLs (☆38, updated 4 years ago)
- A process overwriting its own PEB to make an illusion that it has been loaded from a different path. (☆91, updated 3 years ago)
- A gadget finder and a ROP-Chainer tool for x86 platforms (☆91, updated 3 years ago)
- A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext (☆49, updated 6 years ago)
- (☆51, updated 7 years ago)
- Shellcode Of Death (☆38, updated 11 years ago)
- (☆42, updated this week)
- (☆89, updated this week)
- a program to detect reflective dll injection on a live machine (☆72, updated 8 years ago)
- Inject shellcode into extra file alignment padding of a PE and change the entry point to point to the shellcode. On execution, the shellc… (☆21, updated 11 years ago)
- (☆29, updated this week)
- Hidden kernel mode code execution for bypassing modern anti-rootkits. (☆80, updated 13 years ago)
- (☆56, updated this week)
- kernel exploitation helper class (☆75, updated 7 years ago)
- (☆27, updated this week)
- Ring3 Rootkit Backdoor. (☆40, updated 9 years ago)
- Anti-technique Codes, Detection of Anti-technique codes (☆36, updated 10 years ago)
- (☆60, updated this week)
- An exploit for CVE-2016-7255 on Windows 7/8/8.1/10(pre-anniversary) 64 bit (☆83, updated 7 years ago)
- Passive UAC elevation using dll infection (☆70, updated 9 years ago)
- (☆81, updated this week)
- (☆112, updated 8 years ago)