Skip to content
View bytecode77's full-sized avatar
🤔
return to libc
🤔
return to libc
1.1k followers · 3 following

Achievements

Achievement: Starstruckx3Achievement: Arctic Code Vault Contributor

Achievements

Achievement: Starstruckx3Achievement: Arctic Code Vault Contributor

Block or report bytecode77

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
bytecode77/README.md

r77 Rootkit

Fileless ring 3 rootkit

  • Hides processes, files, network connections, etc.
  • Out of the box, single file installer
  • Fileless persistence, in-memory injection


PEunion

Crypter, binder & downloader

  • In-memory decryption & execution
  • Two-layer execution architecture


Living Off The Land

State of the art fileless attacks

  • Execution without any files
  • Process injection
  • Persistence

... It's technically not even there

Pinned Loading

  1. r77-rootkit r77-rootkit Public

    Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

    C 1.9k 425

  2. pe-union pe-union Public

    Crypter, binder & downloader with native & .NET stub, evasive by design, user friendly UI

    Assembly 684 149

  3. living-off-the-land living-off-the-land Public

    Fileless attack with persistence

    C++ 352 56

  4. slui-file-handler-hijack-privilege-escalation slui-file-handler-hijack-privilege-escalation Public

    Slui File Handler Hijack UAC Bypass Local Privilege Escalation

    C++ 92 36

  5. self-morphing-csharp-binary self-morphing-csharp-binary Public

    Executable that mutates its own code

    C# 376 106

  6. bytecode-api bytecode-api Public

    Framework for C# development

    C# 71 22