My own 'collection' of windows rootkits.
Updated Feb 16, 2023
This repository is purposed for learning and setting up a POC of hosting the Elastic Stack on a Windows kernel using Docker. Very useful to host on a Windows server without Hyper-V support for Linux containers.
System info made easy - Python library to find system info on your computer. Requires python ≥ 3.7
A kernel handle reader that can read kernel handles from another process.
WinXPSP2.Cermalus on steroids, supporting all 32-bit Windows versions. Windows kernel virus stuff for noobs.
LumbrJack is a very basic kernel mode logger for 64 bit Windows.
A dedicated repository for exploring offensive kernel-mode techniques.
This is the source code for the Linux kernel that runs in Windows Subsystem for Linux 2 (WSL2).
A multiplatform easy to embed crypto library.
Kernel modules in C++ with CMake: a cross-platform, system-level development library for Linux/Windows/macOS.
Windows kernel development in Rust is not widely used yet. Therefore, here is a simple example of a driver and minifilter written in Rust. Also, I've written some helpful crates. Enjoy!
All undocumented ntoskrnl structs crawled from vergiliusproject.com
WinPools is an example of how Windows kernel big pool addresses can leak via NtQuerySystemInformation.
POC project to demonstrate performance difference between a critical section and a synchronization kernel object in Windows.
A WinDbg plugin for easily stepping from user code into kernel code.
Research on obfuscated licensing APIs / CLIP service in the Windows kernel
Rootkit for Windows 32-bit