Trending repositories for topic rootkit

Linux/Windows post-exploitation framework made by linux user

Windows Kernel Rootkit in Rust

PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info

Now You See Me, Now You Don't

Hiding kernel-driver for x86/x64.

Nidhogg is an all-in-one simple to use windows kernel rootkit.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.

Windows Kernel Rootkit in Rust

This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.

Linux/Windows post-exploitation framework made by linux user

PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info

Now You See Me, Now You Don't

Nidhogg is an all-in-one simple to use windows kernel rootkit.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

Hiding kernel-driver for x86/x64.

Linux/Windows post-exploitation framework made by linux user

In-Memory Rootkit For Linux

Nidhogg is an all-in-one simple to use windows kernel rootkit.

🌳 Go Bonzai™ CLI framework and "batteries included" library of utilities

Hiding kernel-driver for x86/x64.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

Windows Kernel Rootkit in Rust

Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info

Now You See Me, Now You Don't

Webshell && Backdoor Collection

Academic project of Linux rootkit made for Bachelor Engineering Thesis.

This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.

Linux kernel rootkit

InfinityHookPro Win7 -> Win11 latest

In-Memory Rootkit For Linux

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

🌳 Go Bonzai™ CLI framework and "batteries included" library of utilities

Linux/Windows post-exploitation framework made by linux user

Windows Kernel Rootkit in Rust

Academic project of Linux rootkit made for Bachelor Engineering Thesis.

This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.

Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.

Nidhogg is an all-in-one simple to use windows kernel rootkit.

Linux kernel rootkit

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

Hiding kernel-driver for x86/x64.

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info

Now You See Me, Now You Don't

InfinityHookPro Win7 -> Win11 latest

Webshell && Backdoor Collection

Linux/Windows post-exploitation framework made by linux user

Windows Kernel Rootkit in Rust

In-Memory Rootkit For Linux

🌳 Go Bonzai™ CLI framework and "batteries included" library of utilities

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

Webshell && Backdoor Collection

Now You See Me, Now You Don't

Nidhogg is an all-in-one simple to use windows kernel rootkit.

awesome-linux-rootkits

Linux kernel rootkit

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

A x64 Windows Rootkit using SSDT or Hypervisor hook

PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info

windows kernel security development

Hiding kernel-driver for x86/x64.

SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

ebpfkit is a rootkit powered by eBPF

In-Memory Rootkit For Linux

Windows Kernel Rootkit in Rust

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

🌳 Go Bonzai™ CLI framework and "batteries included" library of utilities

SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.

Make an Linux Kernel rootkit visible again.

ModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.

Linux kernel rootkit

Linux/Windows post-exploitation framework made by linux user

Academic project of Linux rootkit made for Bachelor Engineering Thesis.

stuxnet Source & Binaries. (+PLC ROOTKIT) ONLY FOR ACADEMICAL RESEARCH AND EDUCATIONAL PURPOSES! Includes: Source files, Binaries, PLC Samples,Fanny Added in another repo.

Now You See Me, Now You Don't

This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.

A x64 Windows Rootkit using SSDT or Hypervisor hook

A rootkit for Android.

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

A multi-staged malware that contains a kernel mode rootkit and a remote system shell.

PoCs for Kernelmode rootkit techniques research.

Windows Kernel Rootkit in Rust

Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)

SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.

In-Memory Rootkit For Linux

ModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.

NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg

A rootkit for Android.

Make an Linux Kernel rootkit visible again.

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

Weaponizing the Linux Kernel (Hide Files/PID, SSH backdoors, SSL Sniffer, ...) by poking around eBPF/XDP

Nidhogg is an all-in-one simple to use windows kernel rootkit.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

Hiding kernel-driver for x86/x64.

Now You See Me, Now You Don't

Windows Kernel Rootkit in Rust

PoCs for Kernelmode rootkit techniques research.

Linux/Windows post-exploitation framework made by linux user

Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)

awesome-linux-rootkits

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

Webshell && Backdoor Collection

ebpfkit is a rootkit powered by eBPF

A x64 Windows Rootkit using SSDT or Hypervisor hook

Rusty Hypervisor - Windows Kernel Blue Pill Type-2 Hypervisor in Rust (Codename: Matrix)

？什么你说Root？我不到啊 | 致力于编写全面详细的Root教程文档 | 刷机 | 安卓

Linux kernel rootkit

windows kernel security development

Windows Kernel Rootkit in Rust

ModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.

PoCs for Kernelmode rootkit techniques research.

Make an Linux Kernel rootkit visible again.

SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.

NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg

Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.

Plus Edition of KernelSU_Action. Use Github Action to build kernels with KernelSU. Supports all kernel versions theoretically.

「🧊」Ring 3 Rootkit for Windows 10

Rusty Hypervisor - Windows Kernel Blue Pill Type-2 Hypervisor in Rust (Codename: Matrix)

Expanding Kernel Lazy Importer

Academic project of Linux rootkit made for Bachelor Engineering Thesis.

Linux kernel rootkit

POC Ring3 Windows Rootkit (x86 / x64) - Hide processes and files

stuxnet Source & Binaries. (+PLC ROOTKIT) ONLY FOR ACADEMICAL RESEARCH AND EDUCATIONAL PURPOSES! Includes: Source files, Binaries, PLC Samples,Fanny Added in another repo.

Now You See Me, Now You Don't

Stuxnet is an extremely sophisticated computer worm that exploits multiple previously unknown Windows zero-day vulnerabilities to infect computers and spread. Its purpose was not just to infect PCs bu...

🌳 Go Bonzai™ CLI framework and "batteries included" library of utilities

A x64 Windows Rootkit using SSDT or Hypervisor hook

？什么你说Root？我不到啊 | 致力于编写全面详细的Root教程文档 | 刷机 | 安卓