Hiding kernel-driver for x86/x64.
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
Nidhogg is an all-in-one, simple-to-use Windows kernel rootkit.
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
🇺🇦 Windows driver with a usermode interface which can hide processes, file-system and registry objects, protect processes, etc.
Linux/Windows post-exploitation framework made by a Linux user
This is the list of all rootkits found so far on GitHub and other sites.
Cronos is a Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info
ebpfkit is a rootkit powered by eBPF
Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64
This tool will set up your backdoor/rootkits; when the backdoor is already set up, it will hide your specific process, make your session in Metasploit unlimited, and be transparent. Even when it is killed, it will...
A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
Hypervisor Memory Introspection Core Library