threatexpert / atrk-winView external linksLinks
针对windows rootkit的一些检测,分别从进程、端口、文件这三个方面进行检测。
☆21Jan 16, 2025Updated last year
Alternatives and similar repositories for atrk-win
Users that are interested in atrk-win are comparing it to the libraries listed below
Sorting:
- Linux下进程隐藏检测与定位工具☆17Nov 2, 2024Updated last year
- socks proxy over RDP隧道工具,基于Windows远程桌面客户端插件接口,实现端口转发☆24Apr 25, 2025Updated 9 months ago
- CVE-2024-35250 的 Beacon Object File (BOF) 实现。☆24Nov 28, 2024Updated last year
- ☆14Updated this week
- it's a driver injector or driver loader header lib(Windows)☆12Aug 5, 2023Updated 2 years ago
- Dll hijack -- just one macro☆12Jul 3, 2023Updated 2 years ago
- Inject dll to process in driver☆10Aug 27, 2024Updated last year
- 内存加载DLL 支持VMP最大加密☆12Aug 11, 2020Updated 5 years ago
- A simple DLL injection protection driver.☆12Dec 21, 2020Updated 5 years ago
- Native API header files for the Process Hacker project.☆15Mar 1, 2023Updated 2 years ago
- GitHubApi CVE Poc监控工具☆14Jan 23, 2026Updated 3 weeks ago
- 常见反沙箱反虚拟机总结☆20Nov 13, 2024Updated last year
- Basic Psexec clone, but in golang.☆16Jul 2, 2022Updated 3 years ago
- NtCreateUserProcess with CsrClientCallServer for mainstream Windows x64 version☆43Jul 16, 2024Updated last year
- idaemu is an IDA Pro Plugin - use for emulating code in IDA Pro.update for ida pro 7.7☆16Nov 9, 2023Updated 2 years ago
- 一个windows内核驱动分析框架,对内核所有导出函数进行挂钩监控☆69Nov 19, 2025Updated 2 months ago
- ☆37Sep 26, 2024Updated last year
- Protected Process Light Library☆18Jun 20, 2020Updated 5 years ago
- 通过重造轮子和调用OpenSSL的方式学习密码!!☆15Jan 28, 2023Updated 3 years ago
- Rookit and anti rookit on Windows platform☆14Apr 30, 2024Updated last year
- A simple python script to check evil Visual Studio projects☆21Oct 13, 2023Updated 2 years ago
- Woodpecker模板项目,方便创建新插件☆14Jul 25, 2024Updated last year
- An anti-cheat project that includes kernel mode.☆39Jul 29, 2021Updated 4 years ago
- ☆19Oct 25, 2024Updated last year
- A simple tool to identify WDS servers in Active Directory☆32Aug 25, 2025Updated 5 months ago
- ☆18May 6, 2025Updated 9 months ago
- a monitoring windows driver calls kernel api tools☆126Jul 5, 2024Updated last year
- Some crazy PE executables protection kernel driver☆20May 2, 2020Updated 5 years ago
- Logging library for kernel drivers written for the Windows NT operating system.☆21Oct 17, 2025Updated 4 months ago
- ☆15Dec 16, 2020Updated 5 years ago
- etw hook (syscall/infinity hook) compatible with the latest Windows version of PG☆22Sep 11, 2024Updated last year
- 通过分析流量,快速检查手机是否被APT攻击☆35Oct 19, 2025Updated 3 months ago
- Radical Windows ARK☆251Apr 18, 2025Updated 9 months ago
- ☆17Apr 9, 2022Updated 3 years ago
- Rootkit loader for your rootkit dll, x86/x64 system wide DLL injection (+appinit_dlls registry create) uses heavens gate☆22Jan 28, 2021Updated 5 years ago
- 微软开发的系统管理小工具-简约教程-含渗透利器☆21Sep 27, 2019Updated 6 years ago
- Stealing signatures from pe files☆15Apr 1, 2025Updated 10 months ago
- A native Windows library for intercepting kernel-to-user transitions using instrumentation callbacks☆28Feb 3, 2024Updated 2 years ago
- Driver protect 驱动保护☆46Apr 23, 2020Updated 5 years ago