Proof-of-Concept-Collection/Cross Platform/Rootkits/Deadlands
2022-01-13 11:21:27 -06:00
srcs        Renames and additions   2022-01-13 11:21:27 -06:00
.gitignore  Renames and additions   2022-01-13 11:21:27 -06:00
README.md   Renames and additions   2022-01-13 11:21:27 -06:00

Deadlands

Overview

A simple kernel-level rootkit.

Deadlands hides a process. It prevents Task Manager from seeing a running process (for example, cmd.exe). The project's user-mode code takes the PID of the process to hide and passes it to the driver through an IOCTL.

Guidelines

The kernel-mode code uses DKOM (Direct Kernel Object Manipulation) to hide the kernel structures that describe the process.