ossec / Ossec Hids: OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
Idov31 / Nidhogg: Windows rootkit for Intel x64 with 25+ features, demonstrating rootkit techniques compatible with all Windows 10 and Windows 11 versions.
m0nad / Diamorphine: LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
bytecode77 / R77 Rootkit: Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
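al0ne / LinuxCheck: Linux incident response / information gathering / vulnerability detection tool, supporting 70+ checks in 13 categories, including basic configuration, network traffic, scheduled tasks, environment variables, user information, Services, bash, malicious files, kernel rootkits, SSH, webshells, mining files, mining processes, supply chain and server risks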
milabs / Awesome Linux Rootkits: awesome-linux-rootkits
h3xduck / TripleCross: A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
MatheuZSecurity / Singularity: Stealthy Linux Kernel Rootkit for modern kernels (6x)
openclarity / Openclarity: OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure
skyw4tch3r / RootKits List Download: This is the list of all rootkits found so far on github and other sites.
mohuihui / Antispy: AntiSpy is a free but powerful anti-virus and rootkit toolkit. It offers you the ability, with the highest privileges, to detect, analyze and restore various kernel modifications and hooks. With its assistance, you can easily spot and neutralize malware hidden from normal detectors.
mempodippy / Vlany: Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
XaFF-XaFF / Cronos Rootkit: Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
Gui774ume / Ebpfkit: ebpfkit is a rootkit powered by eBPF
nurupo / Rootkit: Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64
chokepoint / Azazel: Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection.
screetsec / Vegile: This tool will set up your backdoor/rootkits. When the backdoor is already set up, it will hide your specific process, make your session in Metasploit unlimited, and be transparent. Even when it is killed, it will re-run again. There will always be a process which runs another process, so we can assume that this process is unstoppable like a Ghost in The Shell
D4stiny / Spectre: A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.
landhb / HideProcess: A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
joaoviictorti / Shadow: Windows Kernel Rootkit in Rust