ROOTKITS_AND_BOOTKITS.md

## Rootkits

### 2005

| Link | Title |
| --- | --- |
| http://www.phrack.org/issues/63/8.html | Raising The Bar For Windows Rootkit Detection |
| http://www.uninformed.org/?v=all&a=14 | Bypassing PatchGuard on Windows x64 |

### 2006

| Link | Title |
| --- | --- |
| http://www.uninformed.org/?v=all&a=28 | Subverting PatchGuard Version 2 |

### 2007

| Link | Title |
| --- | --- |
| http://www.uninformed.org/?v=all&a=38 | A Brief Analysis of PatchGuard Version 3 |
| http://www.uninformed.org/?v=8&a=2 | A Catalog of Windows Local Kernel-mode Backdoor Techniques |

### 2011

| Link | Title |
| --- | --- |
| http://opensecuritytraining.info/Rootkits.html | Rootkits: What they are, and how to find them |

### 2015

| Link | Title |
| --- | --- |
| https://www.malwaretech.com/2015/01/using-kernel-rootkits-to-concea.html | Using Kernel Rootkits to Conceal Infected MBR |

### 2016

| Link | Title |
| --- | --- |
| http://www.sekoia.fr/blog/wp-content/uploads/2016/10/Rootkit-analysis-Use-case-on-HIDEDRV-v1.6.pdf | Rootkit analysis: Use case on HideDRV |

### 2017

| Link | Title |
| --- | --- |
| https://countercept.com/our-thinking/analyzing-the-doublepulsar-kernel-dll-injection-technique/ | Analyzing the DOUBLEPULSAR Kernel DLL Injection Technique |
| https://www.cyberark.com/threat-research-blog/ghosthook-bypassing-patchguard-processor-trace-based-hooking/ | GhostHook – Bypassing PatchGuard with Processor Trace Based Hooking |
| https://zerosum0x0.blogspot.co.uk/2017/07/puppet-strings-dirty-secret-for-free.html | Puppet Strings - Dirty Secret for Windows Ring 0 Code Execution |

### 2018

| Link | Title |
| --- | --- |
| https://exatrack.com/public/Uroburos_EN.pdf | Hey Uroburos! What's up ? |

## Bootkits

### 2012

| Link | Title |
| --- | --- |
| https://securelist.com/analysis/publications/36563/xpaj-reversing-a-windows-x64-bootkit/ | XPAJ: Reversing a Windows x64 Bootkit |

### 2014

| Link | Title |
| --- | --- |
| https://www.malwaretech.com/2014/04/coding-malware-for-fun-and-not-for.html | Coding Malware for Fun and Not for Profit (Because that would be illegal) |
| https://www.virusbulletin.com/uploads/pdf/conference/vb2014/VB2014-RodionovMatrosov.pdf | BOOTKITS: PAST, PRESENT & FUTURE |

### 2015

| Link | Title |
| --- | --- |
| https://www.malwaretech.com/2015/02/bootkit-disk-forensics-part-1.html | Bootkit Disk Forensics – Part 1 |
| http://www.malwaretech.com/2015/03/bootkit-disk-forensics-part-2.html | Bootkit Disk Forensics – Part 2 |
| http://www.malwaretech.com/2015/03/bootkit-disk-forensics-part-3.html | Bootkit Disk Forensics – Part 3 |