ngn13 / shrkLinks
LKM rootkit for modern kernels, with DNS C2 and a simple web interface
☆72Updated last month
Alternatives and similar repositories for shrk
Users that are interested in shrk are comparing it to the libraries listed below
Sorting:
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆96Updated 6 months ago
- shell code example☆62Updated 3 months ago
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆42Updated last year
- a demo module for the kaine agent to execute and inject assembly modules☆40Updated 11 months ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Updated last year
- Shellcode Loader Utilizing ETW Events☆65Updated 6 months ago
- XOR decrypting shellcode using the GPU with OpenCL.☆114Updated 3 months ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆131Updated last year
- ☆40Updated 8 months ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆67Updated 4 months ago
- This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.☆117Updated this week
- "Service-less" driver loading☆159Updated 8 months ago
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆39Updated 5 months ago
- ☆100Updated last year
- find dll base addresses without PEB WALK☆141Updated last month
- Malware?☆74Updated 10 months ago
- Splitting and executing shellcode across multiple pages☆101Updated 2 years ago
- ForsHops☆57Updated 5 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆64Updated 2 years ago
- Linker for Beacon Object Files☆126Updated last month
- A process injection technique using only thread context manipulation☆37Updated last year
- Heap encryption in Nim☆19Updated last year
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆86Updated 2 years ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆105Updated last year
- Exploiting the KsecDD Windows driver through Server Silos☆73Updated 9 months ago
- Section-based payload obfuscation technique for x64☆64Updated last year
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆54Updated 7 months ago
- Win32 keylogger that supports all (non-ime using) languages correctly☆50Updated last year
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆161Updated this week
- kernel-mode DLL Injector☆108Updated 4 months ago