killf8 Goto Github PK

3proxy

3proxy - tiny free proxy server

alltools

All reasonably stable tools

antispy

AntiSpy is a free but powerful anti virus and rootkits toolkit.It offers you the ability with the highest privileges that can detect,analyze and restore various kernel modifications and hooks.With its assistance,you can easily spot and neutralize malwares hidden from normal detectors.

anycall

x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration

bitcoin

Bitcoin Core integration/staging tree

black-angel-rootkit

Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.

blackbone

Windows memory hacking library

blacklotus

BlackLotus UEFI Windows Bootkit

chaos-rootkit

x64 ring0 rootkit with process hiding, privilege escalation, and capabilities for protecting and unprotecting processes

cronos-rootkit

Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.

debugdetector

divert

WinDivert: Windows Packet Divert

dns-persist

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

drvmon

a monitoring windows driver calls kernel api tools

easy-hwid-spoofer

基于内核模式的硬件信息欺骗工具

edrs

filelesspeloader

Loading Remote AES Encrypted PE in memory , Decrypted it and run it

freerdp

FreeRDP is a free remote desktop protocol library and clients

hades-windows

Hades HIDS/HIPS for Windows

hidden

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

hyperdeceit

HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate operating system tasks with ease.

i2pd

🛡 I2P: End-to-End encrypted and anonymous Internet

imhex

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

imonitor

iMonitor（冰镜 - 终端行为分析系统）

infinityhook

Hook system calls, context switches, page faults and more.

infinityhookpro

InfinityHookPro Win7 -> Win11 latest

injectors

💉 DLL/Shellcode injection techniques

inline-execute-pe

Execute unmanaged Windows executables in CobaltStrike Beacons

irpmon

The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions of Windows (no inline hooks are used, only moodifications to driver object structures are performed) and monitors IRP, FastIo, AddDevice, DriverUnload an

jormungandr

Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.