Alternatives and similar repositories for reveng_rtkit

Users that are interested in reveng_rtkit are comparing it to the libraries listed below

• carloslack / KoviD
  Red-Team LKM
  ☆627Updated 3 weeks ago
• jermeyyy / rooty
  Academic project of Linux rootkit made for Bachelor Engineering Thesis.
  ☆117Updated last year
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆235Updated 2 years ago
• MatheuZSecurity / Rootkit
  Collection of codes focused on Linux rootkits
  ☆192Updated 2 months ago
• deepinstinct / Dirty-Vanity
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆672Updated 3 years ago
• MrAle98 / CVE-2025-21333-POC
  POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY
  ☆226Updated 9 months ago
• mav8557 / Father
  LD_PRELOAD rootkit
  ☆137Updated last year
• daem0nc0re / VectorKernel
  PoCs for Kernelmode rootkit techniques research.
  ☆424Updated 2 months ago
• shogunlab / building-c2-implants-in-cpp
  The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).
  ☆235Updated last year
• eversinc33 / Banshee
  Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
  ☆580Updated 5 months ago
• fortra / CVE-2023-28252
  ☆179Updated 2 years ago
• Maldev-Academy / MaldevAcademyLdr.1
  RunPE implementation with multiple evasive techniques (1)
  ☆377Updated 2 years ago
• Bw3ll / ROP_ROCKET
  ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…
  ☆164Updated last month
• connormcgarr / Kernel-Exploits
  Kernel Exploits
  ☆259Updated 4 years ago
• akamai / Linux-Process-Injection
  ☆90Updated last year
• DualHorizon / blackpill
  A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs
  ☆335Updated 6 months ago
• florylsk / RecycledInjector
  Native Syscalls Shellcode Injector
  ☆267Updated 2 years ago
• ZeroMemoryEx / APT38-0day-Stealer
  APT38 Tactic PoC for Stealing 0days from security researchers
  ☆325Updated 7 months ago
• Bw3ll / sharem
  SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…
  ☆474Updated 6 months ago
• ynwarcs / CVE-2025-21298
  Proof of concept & details for CVE-2025-21298
  ☆193Updated 11 months ago
• Hakumarachi / Bropper
  An automatic Blind ROP exploitation tool
  ☆205Updated 2 years ago
• XaFF-XaFF / Black-Angel-Rootkit
  Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
  ☆648Updated 2 years ago
• CodeXTF2 / maldev-links
  My collection of malware dev links
  ☆304Updated 7 months ago
• eeriedusk / nysm
  nysm is a stealth post-exploitation container.
  ☆265Updated 6 months ago
• TakahiroHaruyama / VDR
  Vulnerable driver research tool, result and exploit PoCs
  ☆225Updated 2 years ago
• 0xTriboulet / Revenant
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆388Updated last year
• reveng007 / DarkWidow
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆745Updated 5 months ago
• hardenedvault / bootkit-samples
  Bootkit sample for firmware attack
  ☆265Updated last year
• cocomelonc / peekaboo
  Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
  ☆279Updated 3 months ago
• janoglezcampos / llvm-yx-callobfuscator
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆319Updated last year