Windows rootkit for Intel x64 with 25+ features, demonstrating rootkit techniques compatible with all Windows 10 and Windows 11 versions.
Sandman is an NTP-based backdoor for hardened networks.
Shellcode injection technique. Provided as a C++ header, standalone Rust program or library.
PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
Venom is a library meant to perform evasive communication using a stolen browser socket.
Windows hypervisor for Intel x64: defensive host hypervisor for Windows designed to mitigate kernel-level attacks including BYOVD, compatible with VMware and Hyper-V.
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
NidhoggScript is a tool that generates a "script" file allowing execution of multiple commands for Nidhogg.
Listing UDP connections with remote address without sniffing.