https://github.com/xaff-xaff/kernel-process-hollowing

Windows x64 kernel mode rootkit process hollowing POC.
https://github.com/xaff-xaff/kernel-process-hollowing

kernel-driver processhollowing rootkit windows x64

Last synced: 5 months ago
JSON representation

Windows x64 kernel mode rootkit process hollowing POC.

Host: GitHub
URL: https://github.com/xaff-xaff/kernel-process-hollowing
Owner: XaFF-XaFF
License: mit
Created: 2023-06-28T19:54:42.000Z (over 2 years ago)
Default Branch: master
Last Pushed: 2023-06-30T12:17:58.000Z (over 2 years ago)
Last Synced: 2025-03-31T23:51:07.093Z (7 months ago)
Topics: kernel-driver, processhollowing, rootkit, windows, x64
Language: C++
Homepage:
Size: 27.3 KB
Stars: 186
Watchers: 5
Forks: 27
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE.txt

Awesome Lists containing this project

README

          # Windows Kernel Mode Process Hollowing

This project is a proof of concept of how the Process Hollowing technique works from the kernel level.

### Resources

[SSDT Hook](https://github.com/Idov31/Jormungandr)

[Process Hollowing](https://github.com/XaFF-XaFF/ZwProcessHollowing)

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/xaff-xaff/kernel-process-hollowing

Awesome Lists containing this project

README