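An open-source tool for creating bootable USB drives. There is no need to format the USB drive repeatedly; just copy the ISO files to the drive and boot from them. Multiple ISO files of different types can be copied at once.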
C and C++ database for objects and structs
Collection of codes focused on Linux rootkits
ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.
Fileless persistence, attacks and anti-forensic capabilities.
UEFI diskless persistence technique + OVMF Secure Boot bypass
「🚪」Linux Backdoor based on ICMP protocol
A PERSISTENT FUD Backdoor ReverseShell coded in C for any Windows distro, that will make itself persistent on every BOOT and fire a decoy app in the foreground while connecting back to the attacker ...
Persistent Windows backdoor with reverse shell
Simple Linux RAT. Foundation for more sophisticated malware.
Linux Rootkit (x86-64 / ARM64) that stealthily hides processes, files, and sockets, hooks syscalls, encrypts traffic, and bypasses SELinux / AppArmor.
A tool for stealth persistence and bypassing security controls on Windows systems through shadow cache manipulation and direct syscall invocation.
PoC 'fileless' hybrid malware that uses exploit CVE-2021-36934 (improper ACLs on shadow copies) including threat detection files. This repo is for educational and cybersecurity research purposes only.
This repository, "Why-so-Serious-SAM," showcases a proof of concept for the HiveNightmare fileless exploit on Windows 11. 🐙 Dive into the details of fileless malware techniques and their implications...
Linux-persistence shows how to join user/pid/net/mnt/ipc/uts/cgroup namespaces via /proc/*/ns/* and setns(), unshare with UID/GID mapping, daemonize, beacon over 127.0.0.1:8443, optional self-delete. ...