usermode-rootkit

Here are 2 public repositories matching this topic...

28Zaaky / Usermode-Rootkit

Windows usermode rootkit with inline hooking for process/file/registry hiding, indirect syscalls, keylogger, HTTPS C2, dropper, and EDR/AV evasion.

windows pentesting syscalls aes-encryption offensive-security malware-development apc red-team usermode rootkits process-injection ppid-spoofing edr-evasion usermode-rootkit

Updated Jan 22, 2026
C++

Elfus-elfy / Usermode-Rootkit

Star

🛡️ Explore a simple Windows usermode rootkit for educational purposes, showcasing privilege escalation, stealth features, and remote management capabilities.

windows rootkit malware syscalls aes-encryption memory-analysis offensive-security malware-development apc red-team system-security usermode rootkits malware-scanner process-injection ppid-spoofing edr-evasion usermode-rootkit

Updated Jan 2, 2026

Improve this page

Add a description, image, and links to the usermode-rootkit topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the usermode-rootkit topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly