bootkit

windows kernel security development

Disable PatchGuard and Driver Signature Enforcement at boot time

Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)

Bootkit / Windows Login Password Bypass Tool

Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)

A programmable and rootkit-like Windows remote access tool.

A boot record parser that identifies known good signatures for MBR, VBR and IPL.

SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.

CMake template for a basic EFI application/bootkit. This library is header-only, there is no EDK2 runtime!).

UEFI Bootkit with user-mode communication

Stuxnet is an extremely sophisticated computer worm that exploits multiple previously unknown Windows zero-day vulnerabilities to infect computers and spread. Its purpose was not just to infect PCs but to cause real-world physical effects. Specifically, it targets centrifuges used to produce the enriched uranium that powers nuclear weapons and reactors.

Cryline project - It's a simple test ransomware for Windows OS without stable encryption. Pls use this source code for study purposes only. The author is't responsible for your actions.

This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumping using Bytes.

The sequel to Voyager

Compact MBR Bootkit for Windows

Enum and Remove Hook in Windows

PEIM (UEFI) bootkit targeting OVMF (EDK2)

LOJAX ROOTKIT (UEFI) +PDF Included[x]

Another UEFI runtime bootkit

A UEFI Application that hooks SetVariable to allow a user-space program to access kernel memory.