The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.
Updated Jun 3, 2024 - C#
Rusty Hypervisor - Windows Kernel Blue Pill Type-2 Hypervisor in Rust (Codename: Matrix)
Malware and malicious applications database
Linux/Windows post-exploitation framework made by a Linux user
This repository contains a variety of plugins and scripts, related to the Volatility framework.
Weaponizing the Linux Kernel (Hide Files/PID, SSH backdoors, SSL Sniffer, ...) by poking around eBPF/XDP
Hypervisor Memory Introspection Core Library
Stuxnet Source & Binaries. (+PLC ROOTKIT) ONLY FOR ACADEMIC RESEARCH AND EDUCATIONAL PURPOSES! Includes: Source files, Binaries, PLC Samples, Fanny Added in another repo.
Collaborative malware exchange repository.
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data
AttackMate is an attack orchestration tool that executes full attack-chains based on playbooks.