xkroot's repositories
ac
kernel mode anti cheat
AutoMonitor
Windows automatic monitoring and screenshot tool.
Banshee
Experimental Windows x64 Kernel Rootkit.
Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
bof-launcher
Beacon Object File (BOF) launcher - library for executing BOF files in C/C++/Zig applications
Cobalt-Strike-Profiles-for-EDR-Evasion
Cobalt Strike Profiles for EDR Evasion
CrimsonEDR
Simulate the behavior of AV/EDR for malware development training.
DNS-Tunnel-Keylogger
Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes through firewalls.
eBPFeXPLOIT
Exploit tool implemented using eBPF.
EDRSilencer
A tool that uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
ImmoralFiber
Two new offensive techniques using Windows Fibers: PoisonFiber (the first remote enumeration & Fiber injection capability POC tool) and PhantomThread (an evolved callstack-masking implementation)
InflativeLoading
Dynamically convert a native EXE to PIC shellcode by prepending a shellcode stub
nysm
nysm is a stealth post-exploitation container.
obfus.h
Macro-header for compile-time C obfuscation (tcc, win x86/x64)
obfuscator
PE bin2bin obfuscator
PoolPartyBof
A beacon object file implementation of PoolParty Process Injection Technique.
Stardust
A modern 64-bit position independent implant template
Stinger
CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as Administrator.
TripleCross
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
unKover
PoC Anti-Rootkit to uncover Windows Drivers/Rootkits mapped to Kernel Memory.
VectorKernel
PoCs for Kernelmode rootkit techniques research.
vs-shellcode
Shellcode template for Visual Studio
Wizard-Wallet-Stealer
🦊🧡 Easy To Use And Source Stealer 12 Seed Phrase Metamask & TrustWallet That's Super Effective, Bypass Antivirus
xeno-rat
Xeno-RAT is an open-source remote access tool (RAT) developed in C#, providing a comprehensive set of features for remote system management. Has features such as HVNC, live microphone, reverse proxy, and much much more!
xz-vulnerable-honeypot
An ssh honeypot with the XZ backdoor. CVE-2024-3094
xzbot
notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
xzre
XZ backdoor reverse engineering