antirootkit-anti-splicer
The project is a demo solution for one of the anti-rootkit techniques aimed at overcoming splicers
Stars: ✭ 31 (+0%)
rkorova
ld_preload userland rootkit
Stars: ✭ 34 (+9.68%)
Webshell
Webshell && Backdoor Collection
Stars: ✭ 1,056 (+3306.45%)
Spacecow
Windows Rootkit written in Python
Stars: ✭ 81 (+161.29%)
Solaris
A local LKM rootkit loader/dropper that lists available security mechanisms
Stars: ✭ 47 (+51.61%)
Php Backdoor
Your interpreter isn’t safe anymore — The PHP module backdoor
Stars: ✭ 211 (+580.65%)
Veil
Veil 3.1.X (Check version info in Veil at runtime)
Stars: ✭ 2,949 (+9412.9%)
Diamorphine
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+2238.71%)
Armadito Av
Armadito antivirus main repository
Stars: ✭ 184 (+493.55%)
Hideprocess
A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
Stars: ✭ 329 (+961.29%)
Www.rootkit.com
www.rootkit.com users section mirror, sql database dump, and a few other files/rootkits.
Stars: ✭ 117 (+277.42%)
lsrootkit
Rootkit Detector for UNIX
Stars: ✭ 53 (+70.97%)
Bdvl
LD_PRELOAD Linux rootkit (x86 & ARM)
Stars: ✭ 232 (+648.39%)
SMM-Rootkit
SMM rootkit similar to LoJax or MosaicRegressor
Stars: ✭ 44 (+41.94%)
Shadow Box For Arm
Shadow-Box: Lightweight and Practical Kernel Protector for ARM (Presented at BlackHat Asia 2018)
Stars: ✭ 64 (+106.45%)
satan
🔓 x86 Linux Kernel rootkit for Debian 9 (4.9.0-11-686-pae)
Stars: ✭ 31 (+0%)
Umbra
An LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
Stars: ✭ 98 (+216.13%)
ebpfkit-monitor
ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
Stars: ✭ 80 (+158.06%)
Vlany
Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
Stars: ✭ 804 (+2493.55%)
Armor
Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.
Stars: ✭ 228 (+635.48%)
Shadow Box For X86
Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)
Stars: ✭ 178 (+474.19%)
Securetea Project
The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)
Stars: ✭ 181 (+483.87%)
Dnxfirewall
dnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.
Stars: ✭ 174 (+461.29%)
Emp3r0r
linux post-exploitation framework made by linux user
Stars: ✭ 419 (+1251.61%)
S6 pcie microblaze
PCI Express DIY hacking toolkit for Xilinx SP605
Stars: ✭ 301 (+870.97%)
NativePayload CBT
NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)
Stars: ✭ 109 (+251.61%)
Father
LD_PRELOAD rootkit
Stars: ✭ 59 (+90.32%)
superhide
Example of hooking a linux systemcall
Stars: ✭ 48 (+54.84%)
IAT API
Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.
Stars: ✭ 63 (+103.23%)
raisin
Reverse shell and rootkit
Stars: ✭ 18 (-41.94%)
NtSymbol
Resolve DOS MZ executable symbols at runtime
Stars: ✭ 78 (+151.61%)
tor-rootkit
A Python 3 standalone Windows 10 / Linux Rootkit using Tor.
Stars: ✭ 142 (+358.06%)
Sutekh
An example rootkit that gives a userland process root permissions
Stars: ✭ 62 (+100%)
Vegile
This tool will set up your backdoor/rootkits; when the backdoor is already set up, it will hide your specific process, make your session in Metasploit unlimited, and be transparent. Even when it is killed, it will re-run again. There will always be a process which will run another process, so we can assume that this process is unstoppable like a Ghost in The Shell
Stars: ✭ 601 (+1838.71%)
Owlyshield
Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
Stars: ✭ 281 (+806.45%)
Rootkits List Download
This is the list of all rootkits found so far on github and other sites.
Stars: ✭ 815 (+2529.03%)
ebpfkit
ebpfkit is a rootkit powered by eBPF
Stars: ✭ 472 (+1422.58%)
Hiddenwall
Tool to generate a Linux kernel module for custom rules with Netfilter hooking. (block ports, Hidden mode, functions to protect etc)
Stars: ✭ 187 (+503.23%)
Kicomav
KicomAV is an open source (GPL v2) antivirus engine designed for detecting malware and disinfecting it.
Stars: ✭ 227 (+632.26%)
Hidden
Windows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc
Stars: ✭ 768 (+2377.42%)
Malwaremultiscan
Self-hosted VirusTotal / MetaDefender wannabe with API, demo UI and Scanners running in Docker.
Stars: ✭ 204 (+558.06%)
Php Antimalware Scanner
AMWScan (PHP Antimalware Scanner) is a free tool to scan php files and analyze your project to find any malicious code inside it.
Stars: ✭ 181 (+483.87%)
Rootkit
Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64
Stars: ✭ 601 (+1838.71%)
Avpwn
List of real-world threats against endpoint protection software
Stars: ✭ 179 (+477.42%)
Android Rootkit
A rootkit for Android. Based on "Android platform based linux kernel rootkit" from Phrack Issue 68
Stars: ✭ 167 (+438.71%)
Antimalware Research
Research on Anti-malware and other related security solutions
Stars: ✭ 163 (+425.81%)
Vegile
This tool will set up your backdoor/rootkits; when the backdoor is already set up, it will hide your specific process, make your session in Metasploit unlimited, and be transparent. Even when it is killed, it will re-run again. There will always be a process which will run another process, so we can assume that this process is unstoppable like a Ghost in The Shell
Stars: ✭ 478 (+1441.94%)
rkduck
Linux v4.x.x Rootkit
Stars: ✭ 83 (+167.74%)
Judge-Jury-and-Executable
A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+112.9%)
clamd
Golang clamd (clamav daemon) client library
Stars: ✭ 23 (-25.81%)
Malware
Rootkits | Backdoors | Sniffers | Virus | Ransomware | Steganography | Cryptography | Shellcodes | Webshells | Keylogger | Botnets | Worms | Other Network Tools
Stars: ✭ 156 (+403.23%)