-
Jormungandr
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel. (by Idov31)
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
This is not an exploit nor an example about how to write a driver and I didn't write anywhere about an exploit or how to write an driver. If you are looking for these kind of resources, feel free to check out my driver programming blog series "Lord of the Ring0" (and a talk that will be released soon! :) ): https://idov31.github.io/2022/07/14/lord-of-the-ring0-p1.html
What is the reasoning for making another COFF loader if we can load PEs in memory now with public examples such as https://github.com/Octoberfest7/Inline-Execute-PE? The whole COFF loading thing served a purpose while people were unaware of how to load a PE in memory, but now I don’t see the point or logic for continuing to use jt
Related posts
-
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
-
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
-
Jormungandr: Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
-
Release Version 0.4 Release - Nidhogg - The goal of Nidhogg is to provide an all-in-one and easy-to-use rootkit with multiple helpful functionalities for red team engagements that can be integrated with your C2 framework via a single header file - this version introduced various new capabilities
-
Nidhogg: Nidhogg is an all-in-one simple to use rootkit for red teams.