nbulischeck / tytonView external linksLinks
Kernel-Mode Rootkit Hunter
☆376Nov 13, 2021Updated 4 years ago
Alternatives and similar repositories for tyton
Users that are interested in tyton are comparing it to the libraries listed below
Sorting:
- Rootkit Detector for UNIX☆61Aug 11, 2023Updated 2 years ago
- Windows 10 kernel and ntdll internal types, directly compatible with ida.☆53Oct 14, 2018Updated 7 years ago
- Windows device tree walker☆15Sep 19, 2018Updated 7 years ago
- PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)☆25Dec 1, 2018Updated 7 years ago
- Powershell script for enumerating vulnerable DCOM Applications☆266Nov 30, 2018Updated 7 years ago
- By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.☆603Apr 1, 2021Updated 4 years ago
- CVE-2019-12949☆26Jun 28, 2019Updated 6 years ago
- Zerokit/GAPZ rootkit (non buildable and only for researching)☆185Mar 30, 2019Updated 6 years ago
- ☆16Feb 26, 2018Updated 7 years ago
- A project that aims to automatically devirtualize code that has been virtualized using x86virt☆126Dec 3, 2022Updated 3 years ago
- Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64☆818Apr 7, 2024Updated last year
- A tool for checking exploitability☆210May 31, 2019Updated 6 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Oct 26, 2025Updated 3 months ago
- PoC code using debugfs to store files in memory and execute them☆27May 25, 2018Updated 7 years ago
- cve-2019-0808-poc☆48Mar 25, 2019Updated 6 years ago
- exploit termdd.sys(support kb4499175)☆61Jul 15, 2019Updated 6 years ago
- POC and exploitation of vulnerabilities☆91Mar 22, 2022Updated 3 years ago
- LibZeroEvil & the Research Rootkit project.☆599Dec 1, 2021Updated 4 years ago
- ☆127Apr 8, 2019Updated 6 years ago
- 🔵 Ethereum and BNB (BSC) Mev bot - Arbitrage☆359Updated this week
- FLARE Kernel Shellcode Loader☆179May 3, 2019Updated 6 years ago
- PoC code for crashing windows active directory☆35Sep 19, 2018Updated 7 years ago
- A debugger for windows platform☆20Oct 31, 2018Updated 7 years ago
- Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)☆188Jun 24, 2019Updated 6 years ago
- Post module for Metasploit to execute ELF in memory☆86Nov 23, 2018Updated 7 years ago
- A LKM rootkit for most newer kernel versions.☆180Sep 17, 2017Updated 8 years ago
- Green shellcode challenge tools☆22Apr 9, 2019Updated 6 years ago
- This is the list of all rootkits found so far on github and other sites.☆1,422Aug 29, 2025Updated 5 months ago
- Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager.☆51Apr 9, 2019Updated 6 years ago
- ☆164May 18, 2018Updated 7 years ago
- This is a simple driver with x64 inline assembly☆57Jun 26, 2020Updated 5 years ago
- Stealthy backdoor for Windows operating systems☆284Feb 13, 2020Updated 6 years ago
- FCL (Fileless Command Lines) - Known command lines of fileless malicious executions☆477Apr 8, 2021Updated 4 years ago
- The exploit samples database is a repository for **RCE** (remote code execution) exploits and Proof-of-Concepts for **WINDOWS**, the samp…☆747Dec 11, 2023Updated 2 years ago
- Public documents related to my talk "Bypass Windows Exploit Guard ASR" at Offensive Con 2019.☆94Feb 24, 2019Updated 6 years ago
- A novel technique to hide code from debuggers & disassemblers☆161Aug 9, 2024Updated last year
- Packet capture on Windows without a kernel driver☆195Oct 1, 2018Updated 7 years ago
- Linux Rootkit Scanner☆88Jan 24, 2022Updated 4 years ago
- HAXM hypervisor client☆18Nov 30, 2018Updated 7 years ago