Windows rootkit development for red teaming
*
Part 1 | Introduction
Part 2 | A tale of routines, IOCTLs and IRPs
Part 3 | Sailing to the land of the user (and debugging the ship)
Part 4 | The call back home
Part 5 | Saruman's Manipulation


*
#malware #windows #rootkit

Windows rootkit development for red teaming and adversary emulation
Excellent series by
@Idov31

Part 1:
https://idov31.github.io/2022/07/14/lord-of-the-ring0-p1.html
Part 2:
https://idov31.github.io/2022/08/04/lord-of-the-ring0-p2.html
Part 3:
https://idov31.github.io/2022/10/30/lord-of-the-ring0-p3.html
Part 4:
https://idov31.github.io/2023/02/24/lord-of-the-ring0-p4.html
PArt 5:
https://idov31.github.io/2023/07/19/lord-of-the-ring0-p5.html

−−−−−−−−−−−−−−−−−−−−−−

#windows , #infosec , #rootkit , #red_team , #adversary_emulation

creating a Rootkit to Learn C

credit : @h0mbre_

https://h0mbre.github.io/Learn-C-By-Creating-A-Rootkit/#

#rootkit ,

Rootkit resources:

creating a Rootkit to Learn C
[+]‌‌ GitHub
Windows Bootkits Guide
[+] blog
Experimental Windows x64 Kernel Rootkit
[+] GitHub
windows rootkit dev series
[+] GitHub
Organized list of my malware development resources
[+] GitHub
implementation examples of basic rootkit functionality and the basics of kernel driver development
[+] GitHub
Windows rootkit development for red teaming series
[+] Link


CodeMachine - Windows Kernel Rootkit Techniques
[+] Course
The rootkit arsenal 📚
[+] book
Exploits and rootkits in your browser extensions DEFCON 2021


#rootkit

Into the Rabbit Hole – Offensive DNS Tunneling Rootkits
Dns Tunneling

#Tunneling #exfiltration #DNS #Rootkit