
advdebug / minerootkit


PoC Windows Usermode Rootkit made in C# and C++, made to show you how to protect your process using hooking.

License: MIT License

C# 49.04% C 46.84% C++ 4.12%
rootkit csharp cpp evasion malware malware-protection av-evasion malware-analysis malware-research av rootkit-windows user-mode user-mode-rootkit usermode windows

minerootkit's Introduction

MineRootkit

PoC Windows usermode rootkit made in C# and C++, made to show you how to protect your process using hooking. Note that this hook is bad and may crash the process, but it's just a PoC after all. (If you liked it, please give me a star so I can continue with this and other projects.)

Usage

All you have to do is enter, in the textbox, the process ID of the program that you want to prevent from terminating MineRootkit. You can choose something like Task Manager or Process Explorer.

Tests (tested only on a Windows 10 x64 machine)

Task Manager - Success

Process Explorer - Success

Process Hacker - Failed (Depends on a kernel-driver)
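
For defenders, an added example (not part of the MineRootkit code): one way to spot a usermode hook inside a tool such as Task Manager is to compare each API prologue in the live process with the same bytes in the DLL on disk and decode where a patched jump leads. It assumes an x64 inline prologue patch, which the README does not specify; all names, addresses and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef enum { PATCH_NONE, PATCH_JMP_REL32, PATCH_MOV_RAX_JMP, PATCH_OTHER } patch_kind;
typedef struct { patch_kind kind; uint64_t target; } patch_report;

/* Read a little-endian value byte by byte so the result does not depend on the host. */
static uint64_t le(const uint8_t *p, int nbytes) {
    uint64_t v = 0;
    for (int i = nbytes - 1; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}

/* mem: first n bytes of a function read from the live process; disk: the same
   n bytes from the DLL file on disk; va: the function's address in the process. */
patch_report check_prologue(const uint8_t *mem, const uint8_t *disk, size_t n, uint64_t va) {
    patch_report r = { PATCH_NONE, 0 };
    if (n == 0 || memcmp(mem, disk, n) == 0) return r;      /* unmodified */
    r.kind = PATCH_OTHER;                                   /* changed, shape unknown */
    if (n >= 5 && mem[0] == 0xE9) {                         /* jmp rel32 */
        r.kind = PATCH_JMP_REL32;
        r.target = va + 5 + (uint64_t)(int64_t)(int32_t)(uint32_t)le(mem + 1, 4);
    } else if (n >= 12 && mem[0] == 0x48 && mem[1] == 0xB8 &&
               mem[10] == 0xFF && mem[11] == 0xE0) {        /* mov rax, imm64 ; jmp rax */
        r.kind = PATCH_MOV_RAX_JMP;
        r.target = le(mem + 2, 8);
    }
    return r;
}

/* A redirect that leaves the module owning the function is the strong signal. */
int leaves_module(patch_report r, uint64_t base, uint64_t size) {
    if (r.kind != PATCH_JMP_REL32 && r.kind != PATCH_MOV_RAX_JMP) return 0;
    return r.target < base || r.target >= base + size;
}

/* Constructed sample bytes and addresses (not taken from MineRootkit or a real DLL). */
static const uint64_t SAMPLE_VA = 0x00007FFA10001000ULL, SAMPLE_BASE = 0x00007FFA10000000ULL;
static const uint8_t CLEAN[12]    = {0x48,0x89,0x5C,0x24,0x08,0x57,0x48,0x83,0xEC,0x20,0x33,0xFF};
static const uint8_t HOOK_E9[12]  = {0xE9,0x00,0x00,0x10,0x00,0x57,0x48,0x83,0xEC,0x20,0x33,0xFF};
static const uint8_t HOOK_ABS[12] = {0x48,0xB8,0x00,0x00,0xB3,0xA4,0xF2,0x01,0x00,0x00,0xFF,0xE0};

int main(void) {
    patch_report r = check_prologue(HOOK_E9, CLEAN, sizeof CLEAN, SAMPLE_VA);
    printf("kind=%d target=0x%llx external=%d\n", (int)r.kind,
           (unsigned long long)r.target, leaves_module(r, SAMPLE_BASE, 0x80000));
    return 0;
}
```

On a real system the live bytes would come from `ReadProcessMemory` and the external target should be resolved to its owning module, since security products also patch prologues.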

Video Showcase

Youtube Video Showcase: https://youtu.be/sVxOJApqGJM

Detection (x64 version)

The rootkit is currently FUD. Note that these results may change as time passes. (Uploaded on 12/2/2021.)

AntiScan.Me

AntiScan.Me Results:

Executable: AntiScan.Me Executable Detection (0/26 at the time of uploading it.)

Dll: AntiScan.Me Dll Detection (0/26 at the time of uploading it.)

Kleenscan

KleenScan Results:

Executable: KleenScan Executable Detection (0/40 at the time of uploading it.)

Dll: KleenScan Dll Detection (1/40 at the time of uploading it.)

VirusTotal

VirusTotal Results:

Executable: VirusTotal Executable Detection (1/63 at the time of uploading it.)

Dll: VirusTotal Dll Detection (4/64 at the time of uploading it.)
