Skip to content
/ rootkit-arsenal-guacamole Public

An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples

66 stars 18 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

uf0o/rootkit-arsenal-guacamole

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
projects
projects
 
 
README.md
README.md
 
 

Repository files navigation

rootkit-arsenal-guacamole

An attempt to restore and adapt to modern Win10 version the Rootkit Arsenal original code samples All projects have been ported to x64 and tested on latest Win10 (2004 - 19041.746)

Projects

Templates

  • KMD : Kernel Mode Driver template that includes a userland C&C template
  • IRQL : multicore synchronization primimitives via rising IRQL through DPCs
  • ReadPE : Parse PE IAT

Userland Hooking

  • RemoteThread : CreateRemoteThread for DLL injection | ported to x64 + DLL to be injected as argument
  • IATHooking : DLL that perform IAT hooking on a given function

Kernel Hooking

[underway]

About

An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples

Resources

Readme
Activity

Stars

66 stars

Watchers

4 watching

Forks

18 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages