niv256 / simple_rootkit
A simple LKM kernel space rootkit for v5.x linux with multiple functions.
☆10Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for simple_rootkit
- A virtualization-based endpoint security solution for Windows☆86Updated 3 years ago
- In line function hooking LKM rootkit☆51Updated 4 years ago
- An automatic tool for fixing dumped PE files☆41Updated 4 years ago
- lowlevel cyber course - riscv & i8086 competition☆11Updated 5 years ago
- Hypervisor created by me, for Intel's VT-x extension☆13Updated 3 years ago
- An Anti-Rootkit implemented using Intel VT-x☆39Updated 5 years ago
- ☆11Updated 3 years ago
- Collection of Source Code and Binaries of the reversing challenges by Elemental X☆5Updated 8 months ago
- Rootkit Development tutorial series. Works on Kernel version 4.15 Can be adapted for 5.3+☆42Updated 2 years ago
- TrashDBG the world's worse debugger☆24Updated 2 years ago
- demo of common anti-analysis techniques used by malware☆16Updated 2 years ago
- ☆103Updated 5 years ago
- RIXED LABS is open for contributions for it's community papers . If you want to publish a blog or a paper , it will be added to the site…☆80Updated 2 years ago
- A native hypervisor designed for the Windows operating system☆120Updated 3 years ago
- A research project about Windows notify routines.☆35Updated 4 years ago
- Go Lang Portable Executable Parser☆37Updated 3 years ago
- BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)☆121Updated 2 years ago
- Parsers for custom malware formats ("Funky malware formats")☆92Updated 2 years ago
- Writeups for CTF challenges☆30Updated last year
- Set of antianalysis techniques found in malware☆129Updated last year
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆84Updated 2 years ago
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆66Updated 2 years ago
- Linux kernel internals' notes☆19Updated 3 months ago
- Abusing exceptions for code execution.☆106Updated last year
- Process Hollowing for 32 bit and 64 bit☆79Updated 7 years ago
- ☆28Updated last year
- Call arbitrary Windows kernel-mode functions from Python on another machine☆45Updated 3 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆204Updated 5 years ago