itsMe Posted April 18, 2023 Share Posted April 18, 2023 This is the hidden content, please Sign In or Sign Up Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality. Designed for Red Teams. Rootkit Features Rootkit can be loaded with kdmapper to bypass DSE, Black Angel Loader may not be working properly yet. Project driver-hijack is used to maintain full driver functionality such as callback support. DSE Bypass (No need to turn test signing on) KPP Bypass Hide processes Hide ports (TCP/UDP) Process permission elevation Process protection Shellcode injector (Unkillable shellcode. Even if process dies, shellcode can still run) (TODO) Hide files/directories (TODO) Hide registry keys This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts