GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → alexkrnl → Kernel-dll-injector

alexkrnl / Kernel-dll-injector

Licence: other
Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module

Programming Languages

c
50402 projects - #5 most used programming language
C++
36643 projects - #6 most used programming language

Labels

windowskerneldllmalwareinjectionmalware-analyzermalware-analysiskernelinjectorwindowskernel

Projects that are alternatives of or similar to Kernel-dll-injector

decrypticon
Java-layer Android Malware Simplifier
Stars: ✭ 17 (-93.36%)
Mutual labels:  malware, malware-analyzer, malware-analysis
malware-writeups
Personal research and publication on malware families
Stars: ✭ 104 (-59.37%)
Mutual labels:  malware, malware-analyzer, malware-analysis
yara
Malice Yara Plugin
Stars: ✭ 27 (-89.45%)
Mutual labels:  malware, malware-analyzer, malware-analysis
Simplify
Android virtual machine and deobfuscator
Stars: ✭ 3,865 (+1409.77%)
Mutual labels:  malware, malware-analyzer, malware-analysis
Lime Crypter
Simple obfuscation tool
Stars: ✭ 217 (-15.23%)
Mutual labels:  malware, injection
Invoker
Penetration testing utility, and antivirus assessment tool.
Stars: ✭ 178 (-30.47%)
Mutual labels:  dll, injection
FA2sp
C&C Red Alert 2: Yuri's Revenge Map Editor : Final Alert 2 extension
Stars: ✭ 28 (-89.06%)
Mutual labels:  dll, injection
maalik
Feature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (-70.7%)
Mutual labels:  dll, malware
Malwaretrainingsets
Free Malware Training Datasets for Machine Learning
Stars: ✭ 151 (-41.02%)
Mutual labels:  malware, malware-analysis
ProcessInjector.NET
Learning Process Injection and Hollowing techniques
Stars: ✭ 23 (-91.02%)
Mutual labels:  dll, injection
Sharpneedle
Inject C# code into a running process
Stars: ✭ 301 (+17.58%)
Mutual labels:  dll, injection
Threat Hunting
Personal compilation of APT malware from whitepaper releases, documents and own research
Stars: ✭ 219 (-14.45%)
Mutual labels:  malware, malware-analysis
Lisa
Sandbox for automated Linux malware analysis.
Stars: ✭ 177 (-30.86%)
Mutual labels:  malware, malware-analysis
Pepper
An open source script to perform malware static analysis on Portable Executable
Stars: ✭ 250 (-2.34%)
Mutual labels:  malware, malware-analysis
Antidebugging
A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.
Stars: ✭ 161 (-37.11%)
Mutual labels:  malware, malware-analysis
UniversalUnityHooks
A framework designed to hook into and modify methods in unity games via dlls
Stars: ✭ 78 (-69.53%)
Mutual labels:  dll, injection
Reflexil
The .NET Assembly Editor
Stars: ✭ 1,117 (+336.33%)
Mutual labels:  dll, injection
Pcsgolh
PCSGOLH - Pointless Counter-Strike: Global Offensive Lua Hooks. A open-source Lua API for CS:GO hacking written in modern C++
Stars: ✭ 56 (-78.12%)
Mutual labels:  dll, injection
Injectallthethings
Seven different DLL injection techniques in one single project.
Stars: ✭ 1,297 (+406.64%)
Mutual labels:  dll, malware
Vac Hooks
Hook WinAPI functions used by Valve Anti-Cheat. Log calls and intercept arguments & return values. DLL written in C.
Stars: ✭ 103 (-59.77%)
Mutual labels:  dll, injection
View All Similar Projects ➔

Kernel-dll-injector

Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module
Code is based on reversed rootkit Sirifef aka max++, one of the most well coded rootkits for Windows Operating Systems of all time

How to use

Project is compiled using VS 2013 and WDK 8.1, if you use a new version simply upgrade the whole project, should work just fine
Windows x86 version only
Place your dll in whatever location, compile the driver with the new dll path
Load the driver
Dll should inject in every new process that needs to load kernel32.dll

Limitations

Not compatible with x64, but adaptability its pretty much straightforward
Not sure about the impact the whole process injection can cause on the system, tested the project for about 1 hour and no BSOD's whatsoever

More Information

https://alexvogtkernel.blogspot.com/2018/09/kernel-injection-code-reversing-sirifef.html

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].