Nidhogg is an all-in-one simple to use rootkit.
Driver hiding / unhiding
Module hiding
Port hiding / unhiding
Query hidden ports
Thread unhiding
Credential Dumping
NidhoggScript Execution
Initial Operations (As requested in #34 )
#define
DLL Injection
Shellcode Injection
Unregistering and restoring callbacks
ETWTI tampering (disable and enable)
Contains the basic capabilities: