  • Stars: 197
  • Rank: 197,722 (Top 4 %)
  • Language: C++
  • License: GNU General Publi...
  • Created: about 7 years ago
  • Updated: over 6 years ago


Repository Details

latebros

x64 usermode rootkit. This was a project I made (with help from Daax and JustMagic) while researching usermode rootkits. The project is neither under development nor finished.

Capabilities

  • Hide process from enumeration
  • Hide registry key from enumeration
  • Hide file from enumeration
  • Protect process from modification
  • Protect file from modification
  • Protect registry key from erasure
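What "hide process from enumeration" amounts to in practice, as an added example that is not latebros code: a hooked NtQuerySystemInformation lets the real syscall fill the caller's buffer, then unlinks the entry for the hidden PID by stretching the previous entry's NextEntryOffset over it. The PROC_ENTRY layout and the four-process sample below are constructed for the example (the real SYSTEM_PROCESS_INFORMATION is larger and is followed by per-thread records); the cross-view check at the end shows the standard way such a hook is caught, since the unlinked bytes and the process itself both still exist.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Cut-down stand-in for SYSTEM_PROCESS_INFORMATION (assumption: only the
 * fields the hook touches are modelled; the real structure is larger). */
typedef struct {
    uint32_t NextEntryOffset;  /* bytes to the next entry, 0 on the last one */
    uint32_t NumberOfThreads;
    uint64_t UniqueProcessId;
    char     ImageName[16];    /* the real field is a UNICODE_STRING */
} PROC_ENTRY;

/* What the hook does to the buffer after the real syscall returns: every
 * entry with the target PID is skipped by extending the previous entry's
 * NextEntryOffset over it (or terminating the list if it was last). The
 * entry's bytes stay in the buffer, which is what a byte-level scan finds.
 * The head entry (PID 0, Idle) is never a hiding target, so it is kept. */
size_t hide_pid(uint8_t *buf, uint64_t pid) {
    size_t removed = 0;
    PROC_ENTRY *prev = (PROC_ENTRY *)buf;
    if (prev->UniqueProcessId == pid) return 0;
    while (prev->NextEntryOffset != 0) {
        PROC_ENTRY *cur = (PROC_ENTRY *)((uint8_t *)prev + prev->NextEntryOffset);
        if (cur->UniqueProcessId == pid) {
            prev->NextEntryOffset = cur->NextEntryOffset
                                  ? prev->NextEntryOffset + cur->NextEntryOffset
                                  : 0;
            removed++;
            continue;              /* re-check prev's new successor */
        }
        prev = cur;
    }
    return removed;
}

/* Walk the list the way a consumer (tasklist, an EDR agent) does and
 * collect the PIDs it sees; returns the number of entries visited. */
size_t list_pids(const uint8_t *buf, uint64_t *out, size_t max) {
    size_t n = 0;
    const PROC_ENTRY *e = (const PROC_ENTRY *)buf;
    for (;;) {
        if (n < max) out[n] = e->UniqueProcessId;
        n++;
        if (e->NextEntryOffset == 0) return n;
        e = (const PROC_ENTRY *)((const uint8_t *)e + e->NextEntryOffset);
    }
}

int contains_pid(const uint8_t *buf, uint64_t pid) {
    uint64_t pids[64];
    size_t n = list_pids(buf, pids, 64);
    for (size_t i = 0; i < n && i < 64; i++) if (pids[i] == pid) return 1;
    return 0;
}

/* Constructed sample buffer: four processes with variable-size entries,
 * as in the real buffer where per-thread records follow each entry. */
size_t build_sample(uint8_t *buf, size_t cap) {
    static const struct { uint64_t pid; uint32_t threads; const char *name; } procs[] = {
        {0, 1, "Idle"}, {4, 120, "System"}, {1337, 3, "implant.exe"}, {4242, 7, "explorer.exe"},
    };
    size_t n = sizeof procs / sizeof procs[0], off = 0;
    for (size_t i = 0; i < n; i++) {
        size_t size = sizeof(PROC_ENTRY) + (size_t)procs[i].threads * 8;  /* 8 fake bytes per thread */
        if (off + size > cap) return 0;
        PROC_ENTRY *e = (PROC_ENTRY *)(buf + off);
        memset(e, 0, size);
        e->NextEntryOffset = (i + 1 < n) ? (uint32_t)size : 0;
        e->NumberOfThreads = procs[i].threads;
        e->UniqueProcessId = procs[i].pid;
        strncpy(e->ImageName, procs[i].name, sizeof e->ImageName - 1);
        off += size;
    }
    return off;
}

/* Cross-view check: PIDs present in an independent enumeration (here the
 * unfiltered copy; on a live host, a PID brute-force through OpenProcess or
 * a kernel-side list) but missing from the hooked view. Returns the count. */
size_t cross_view_hidden(const uint8_t *clean, const uint8_t *hooked) {
    uint64_t pids[64];
    size_t n = list_pids(clean, pids, 64), hidden = 0;
    for (size_t i = 0; i < n && i < 64; i++) if (!contains_pid(hooked, pids[i])) hidden++;
    return hidden;
}

int main(void) {
    static uint64_t clean_store[512], hooked_store[512];   /* 8-byte aligned backing */
    uint8_t *clean = (uint8_t *)clean_store, *hooked = (uint8_t *)hooked_store;
    size_t len = build_sample(clean, sizeof clean_store);
    memcpy(hooked, clean, len);
    printf("entries unlinked for PID 1337: %zu\n", hide_pid(hooked, 1337));
    printf("cross-view discrepancies: %zu\n", cross_view_hidden(clean, hooked));
    return 0;
}
```

The hook only rewrites link offsets, so the hidden entry's bytes remain in the caller's buffer and the process remains reachable by PID; both are cheap to check, which is why usermode hooks of this kind are caught by any tool that enumerates from a second vantage point.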

Hooks

  • ntdll.dll!NtOpenProcess
  • ntdll.dll!NtQuerySystemInformation
  • ntdll.dll!NtCreateFile
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtQueryDirectoryFile
  • ntdll.dll!NtDeleteValueKey
  • ntdll.dll!NtEnumerateValueKey
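How the hooks above look to a defender, as an added example that is not latebros code: each entry in the list is an exported x64 syscall stub in ntdll.dll, and an in-process hook replaces its first bytes with a jump into the rootkit's module. The classifier below reads the first bytes of such an export and tells a pristine stub from a patched one, then resolves where a jmp rel32 lands. The two stub images are constructed samples (the system-service number 0x12 is a placeholder, not a real SSN), and the ntdll base and size used to judge the jump target are assumed values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef enum { STUB_CLEAN = 0, STUB_HOOKED_JMP = 1, STUB_HOOKED_OTHER = 2 } stub_state;

/* A pristine x64 ntdll!Nt* stub starts with "mov r10, rcx; mov eax, imm32"
 * (4C 8B D1 B8 <ssn>) and reaches "syscall" (0F 05) within a few bytes;
 * Windows 10 inserts a SharedUserData test between them, older builds do
 * not. The first bytes are what an inline hook overwrites, so a jmp there
 * or a missing prologue means the export has been patched. */
stub_state classify_stub(const uint8_t *p, size_t len, uint32_t *ssn_out) {
    static const uint8_t prologue[] = {0x4C, 0x8B, 0xD1, 0xB8};
    if (len >= 5 && p[0] == 0xE9) return STUB_HOOKED_JMP;                 /* jmp rel32 */
    if (len >= 6 && p[0] == 0xFF && p[1] == 0x25) return STUB_HOOKED_JMP; /* jmp [rip+disp32] */
    if (len < 10 || memcmp(p, prologue, sizeof prologue) != 0) return STUB_HOOKED_OTHER;
    for (size_t i = 8; i + 1 < len && i < 24; i++) {
        if (p[i] == 0x0F && p[i + 1] == 0x05) {
            if (ssn_out)
                *ssn_out = (uint32_t)p[4] | (uint32_t)p[5] << 8 | (uint32_t)p[6] << 16 | (uint32_t)p[7] << 24;
            return STUB_CLEAN;
        }
    }
    return STUB_HOOKED_OTHER;
}

/* For a jmp rel32 at virtual address stub_va, compute where control goes. */
uint64_t jmp_rel32_target(uint64_t stub_va, const uint8_t *p) {
    int32_t rel = (int32_t)((uint32_t)p[1] | (uint32_t)p[2] << 8 | (uint32_t)p[3] << 16 | (uint32_t)p[4] << 24);
    return stub_va + 5 + (uint64_t)(int64_t)rel;
}

/* A hook target outside ntdll's own image range is the giveaway. */
int target_in_module(uint64_t target, uint64_t base, uint64_t size) {
    return target >= base && target < base + size;
}

/* Constructed samples (not bytes from any real ntdll build). */
static const uint8_t clean_stub[] = {
    0x4C, 0x8B, 0xD1,                               /* mov r10, rcx */
    0xB8, 0x12, 0x00, 0x00, 0x00,                   /* mov eax, 0x12 (placeholder SSN) */
    0xF6, 0x04, 0x25, 0x08, 0x03, 0xFE, 0x7F, 0x01, /* test byte ptr [7FFE0308h], 1 */
    0x75, 0x03,                                     /* jne +3 */
    0x0F, 0x05,                                     /* syscall */
    0xC3,                                           /* ret */
    0xCD, 0x2E,                                     /* int 2Eh */
    0xC3,                                           /* ret */
};
static const uint8_t hooked_stub[] = {
    0xE9, 0x00, 0x00, 0x00, 0xF0,                   /* jmp rel32 (-0x10000000) over the first 5 bytes */
    0x00, 0x00, 0x00,                               /* tail of the original mov eax, imm32 */
    0xF6, 0x04, 0x25, 0x08, 0x03, 0xFE, 0x7F, 0x01,
    0x75, 0x03, 0x0F, 0x05, 0xC3, 0xCD, 0x2E, 0xC3,
};

const uint8_t *sample_clean(size_t *len) { *len = sizeof clean_stub; return clean_stub; }
const uint8_t *sample_hooked(size_t *len) { *len = sizeof hooked_stub; return hooked_stub; }

int main(void) {
    const uint64_t ntdll_base = 0x7FF800000000ull, ntdll_size = 0x200000ull; /* assumed */
    const uint64_t stub_va = ntdll_base + 0x1000;                           /* assumed export RVA */
    uint32_t ssn = 0;
    printf("clean  -> state %d, ssn 0x%x\n", classify_stub(clean_stub, sizeof clean_stub, &ssn), ssn);
    stub_state s = classify_stub(hooked_stub, sizeof hooked_stub, NULL);
    uint64_t target = jmp_rel32_target(stub_va, hooked_stub);
    printf("hooked -> state %d, jmp to 0x%llx (%s ntdll)\n", s, (unsigned long long)target,
           target_in_module(target, ntdll_base, ntdll_size) ? "inside" : "outside");
    return 0;
}
```

On a live host the bytes come from the in-memory image of ntdll; comparing them against the on-disk copy of the same export catches patches that this prologue heuristic would miss, such as a hook placed after the prologue, and it is the comparison a scanner should actually run.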

Thanks to

  • Daax
  • JustMagic

More Repositories

 1. dxgkrnl_hook (C, 469 stars): C++ graphics kernel subsystem hook
 2. loadlibrayy (C#, 413 stars): x64 manualmapper with kernel elevation and thread hijacking capabilities
 3. nt-mapper (C++, 244 stars): C++17 PE manualmapper
 4. owned_alignment (C++, 238 stars): Hooking kernel functions by abusing alignment
 5. MapDetection (C#, 153 stars): Detect manualmapped images remotely, without hassle
 6. x64-vm (C++, 122 stars): x86-64 virtual machine and disassembler
 7. ElevateMe (C#, 119 stars): Handle access elevation via direct kernel object manipulation
 8. ayyxam (C, 103 stars): Bypass for The Digital Exam Monitor developed by the Danish Ministry of Education (Den Digitale Prøvevagt) and ExamCookie
 9. battleye_emulation (C++, 80 stars): BattlEye BEClient<->BEService usermode emulator
10. eye_mapper (C++, 61 stars): BattlEye x64 usermode injector
11. token_manipulation (C++, 31 stars): Bypass User Account Control by manipulating tokens
12. captain_black (C++, 26 stars): Black Desert Online cheayyt
13. nt (C++, 24 stars): NT reversal
14. ControlCSGO (C#, 24 stars): Old (read: bad) external csgo cheat, includes knife changer and convar bypass
15. eac_reversal (C++, 21 stars): Linux EAC reversal (.so)
16. tetris (C++, 14 stars): Tetris (ASCII) in c++17
17. loggr (C++, 13 stars): C++ console logging library (fmt wrapper)
18. math (C++, 11 stars): Math shit - Variadic vector and polygon math, statistical analysis etc
19. tasklist-brutus (C++, 11 stars): Undocumented way of fetching list of processes by bruteforcing NtQuerySystemInformation
20. MatematikFessorBot (C#, 9 stars): A bot that automated my math homework in middle school
21. nc3ctf2019 (C++, 4 stars): NC3 CTF 2019
22. vmcall (2 stars)
23. src (C++, 1 star): Analysis of numerical algorithms