Alternatives and similar repositories for rootkit

Users that are interested in rootkit are comparing it to the libraries listed below

• y11en / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆14Updated 6 years ago
• aaaddress1 / Lexa
  Windows Application Loader Running *.Exe files in Memory against Scrylla
  ☆21Updated 5 years ago
• epakskape / greenshellcode
  Green shellcode challenge tools
  ☆22Updated 6 years ago
• DownWithUp / CVE-Stockpile
  Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.
  ☆49Updated 4 years ago
• RanchoIce / 44Con2018
  Slides of 44Con 2018
  ☆21Updated 6 years ago
• Darkabode / 0lib
  Zerokit shared code
  ☆16Updated 6 years ago
• NtRaiseHardError / Providence
  Kernel-mode file scanner
  ☆18Updated 6 years ago
• ohjeongwook / REPack
  Reverse engineering toolkit for exploit/malware analysis
  ☆35Updated 5 years ago
• mponcet / subversive
  x86_64 linux rootkit using debug registers
  ☆52Updated 3 years ago
• Darkabode / possessor
  User-mode part of Zerokit platform
  ☆20Updated 6 years ago
• tekwizz123 / demos
  Forked from Akayan. Windows Kernel Exploitation. Static & dynamic analysis, exploits & vuln reasearch. Mitigations bypass's, genric bug-c…
  ☆16Updated 7 months ago
• narhen / procjack
  PoC of injecting code into a running Linux process
  ☆23Updated 5 years ago
• codingtest / EMET
  reversed emet tool
  ☆24Updated 12 years ago
• wes4m / unHooker
  Kernel (Ring0) - SSDT unhook driver
  ☆14Updated 7 years ago
• MortenSchenk / LoadLibrary-CFG-Bypass
  Control Flow Guard bypass using LoadLibrary and IsBadCodePtr
  ☆45Updated 8 years ago
• MortenSchenk / Privilege_Shellcode
  Kernel Shellcode to add all privileges in token
  ☆13Updated 8 years ago
• leonwxqian / windows-defender-nscript-loader
  A exe loader that can load NScript evaluation engine of Windows Defender/Microsft Security Essential. You can fuzz NScript by using this.…
  ☆29Updated 7 years ago
• humeafo / scc
  a C/C++ shellcode compiler based on llvm/clang
  ☆36Updated 9 years ago
• JKornev / cfgdump
  Windbg extension that allows you analyze Control Flow Guard map
  ☆35Updated 3 years ago
• byck01 / KernelBugTest
  KernelBugTest
  ☆15Updated 7 years ago
• DownWithUp / CVE-2018-16712
  PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)
  ☆25Updated 6 years ago
• bigric3 / CVE-2018-4901
  crash poc & Leak info PoC
  ☆18Updated 7 years ago
• NoviceLive / shellcoding
  Introduce you to shellcode development.
  ☆23Updated 8 years ago
• tsarpaul / WinRpcTutorial
  A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial
  ☆16Updated 5 years ago
• killvxk / Researchs
  一些研究
  ☆14Updated 5 years ago
• 0xcpu / exthost
  A POC for Windows Extension Host hooking
  ☆22Updated 5 years ago
• 86hh / BEAUTIFULSKY
  ☆21Updated 6 years ago
• t57root / amcsh
  A More Comfortable (remote) SHell with full pty support and both reverse / bindport connection mode.
  ☆30Updated 12 years ago
• brianwrf / CVE-2017-4878-Samples
  CVE-2017-4878 Samples - http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html
  ☆18Updated 7 years ago
• Darkabode / amte
  Analysis and Modification Tool for Executables
  ☆16Updated 6 years ago