Statistics for topic rootkit
RepositoryStats tracks 518,325 Github repositories, of these 70 are tagged with the rootkit topic. The most common primary language for repositories using this topic is C (28). Other languages include: C++ (17)
Stargazers over time for topic rootkit
Most starred repositories for topic rootkit (view more)
Trending repositories for topic rootkit (view more)
Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)
Plus Edition of KernelSU_Action. Use Github Action to build kernels with KernelSU. Supports all kernel versions theoretically.
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
Weaponizing the Linux Kernel (Hide Files/PID, SSH backdoors, SSL Sniffer, ...) by poking around eBPF/XDP
Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)
Plus Edition of KernelSU_Action. Use Github Action to build kernels with KernelSU. Supports all kernel versions theoretically.
POC Ring3 Windows Rootkit (x86 / x64) - Hide processes and files
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
Windows x64 kernel mode rootkit process hollowing POC.