r77 rookit injects into PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON process

bytecode77 / r77-rootkit

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

https://bytecode77.com/r77-rootkit

BSD 2-Clause "Simplified" License

1.61k stars 392 forks source link

Closed wineggdrop closed 8 months ago