Repository navigation

#

windows-rootkits

Website
Wikipedia

Idov31 / Nidhogg

Nidhogg is an all-in-one simple to use windows kernel rootkit.

C++Cybersecurity Kernel red-team redteam rootkit Windows windows-rootkits cyber-security driver

C++

2062

302

11 天前

XaFF-XaFF / Cronos-Rootkit

Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.

rootkit Kernel ring0 windows-rootkits x64 Windows

C++

914

190

3 年前

Idov31 / Jormungandr

Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.

C++cyber-security Cybersecurity driver Kernel red-team redteam rootkit Windows windows-rootkits

C++

239

28

2 年前

Idov31 / NidhoggScript

NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg

C++cyber-security Cybersecurity driver Kernel red-team redteam rootkit Windows windows-rootkits

C++

46

10

1 年前

0xd3xt3r / awesome-windows-rootkits

Collection of windows rootkits

malware-analysis malware-research Malware malware-sample windows-rootkits

26

14

5 年前

Idov31 / NidhoggCSharpApi

C# API for Nidhogg rootkit

C#cyber-security Cybersecurity driver Kernel red-team redteam rootkit Windows windows-rootkits

C#

19

7

1 年前

0xflux / Ferric-Fox

A windows 11 rootkit in Rust

edr edr-evasion rootkit security-research windows-kernel windows-rootkits

Rust

12

2

5 个月前

RUTHER-DEV / Process-Hider

Hide processes from Task Manager by manually mapping itself into it and hooking NtQuerySystemInformation

detour dll driver fileless Linux pe process rce ring0 rookit rootkit vulnerability-research win32api windows-rootkits xmrig

C++

0

0

3 个月前