Load your driver like win32k.sys
Your interpreter isn’t safe anymore — The PHP module backdoor
Jormungandr is a kernel implementation of a COFF loader, allowing kernel...
Linux kernel rootkit
Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presente...
Windows x64 kernel mode rootkit process hollowing POC.
A summary of Linux rootkits published on GitHub
A Python 3 standalone Windows 10 / Linux Rootkit using Tor.
Stuxnet Source & Binaries. (+PLC ROOTKIT) ONLY FOR ACADEMICAL RESEARCH A...
A programmable and rootkit-like Windows remote access tool.
LD_PRELOAD rootkit
ebpfkit-monitor is a tool that detects and protects against eBPF powered...
It's a kernel-based keylogger for Windows x86/x64.
Winsock accept() Backdoor Implant.
An LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdo...