Found 2,207 repositories (showing 30)
ossec
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
mrexodia
Hiding kernel-driver for x86/x64.
Idov31
Windows rootkit for Intel x64 with 25+ features, demonstrating rootkit techniques compatible with all Windows 10 and Windows 11 versions.
m0nad
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
bytecode77
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
al0ne
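Linux incident response / information gathering / vulnerability detection tool, supporting 70+ checks in 13 categories: basic configuration, network traffic, scheduled tasks, environment variables, user information, Services, bash, malicious files, kernel rootkit, SSH, webshell, mining files, mining processes, supply chain, server risk, etc.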
ExpLife0011
windows kernel security development
milabs
awesome-linux-rootkits
JKornev
🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes, etc.
xl7dev
Webshell && Backdoor Collection
h3xduck
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
jm33-m0
Self-healing Gossip Mesh C2 with Assisted Peer Discovery, Modular Post-Exploitation, and OPSEC-Focused Transport
MatheuZSecurity
Stealthy Linux Kernel Rootkit for modern kernels (6x)
skyw4tch3r
This is the list of all rootkits found so far on github and other sites.
mohuihui
AntiSpy is a free but powerful anti-virus and rootkits toolkit. It offers you the ability, with the highest privileges, to detect, analyze and restore various kernel modifications and hooks. With its assistance, you can easily spot and neutralize malware hidden from normal detectors.
ZeroMemoryEx
Now You See Me, Now You Don't
mempodippy
Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
XaFF-XaFF
Cronos is a Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
Cr4sh
PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info
Gui774ume
ebpfkit is a rootkit powered by eBPF
nurupo
Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64
chokepoint
Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection.
screetsec
This tool sets up your backdoor/rootkits. Once the backdoor is set up, it hides your specific process, keeps your session in Metasploit unlimited, and is transparent. Even when it is killed, it will re-run again. There is always a process that runs another process, so we can assume that this process is unstoppable, like a Ghost in the Shell.
D4stiny
A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.
landhb
A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
XaFF-XaFF
Black Angel is a Windows 11/10 x64 kernel mode rootkit. The rootkit can be loaded with DSE enabled while maintaining its full functionality.
joaoviictorti
Windows Kernel Rootkit in Rust
mncoppola
An LKM rootkit targeting Linux 2.6/3.x on x86(_64), and ARM
bitdefender
Hypervisor Memory Introspection Core Library
swwwolf
WinDBG Anti-RootKit Extension