Shadow Walker
Posted: 2006-7-13 12:31 4111

FU
short description:

The FU rootkit can hide processes, elevate process privileges, fake out the Windows Event Viewer so that forensics is impossible, and even hide device drivers (NEW!). All this without any hooking.

long description:

The FU rootkit can hide processes, elevate process privileges, fake out the Windows Event Viewer so that forensics is impossible, and even hide device drivers (NEW!). (Look, Mom, no hands!) It does all this by Direct Kernel Object Manipulation (TM); no hooking! This project has been evolving over time. It was originally conceived as a proof-of-concept. FU is a play on words from the UNIX program "su" used to elevate privilege.

project leader:

fuzen_op

homepage:

changelog:

https://www.rootkit.com/vault/fuzen_op/FU_README.txt

download:

https://www.rootkit.com/vault/fuzen_op/FU_Rootkit.zip

font:
http://www.rootkit.com/project.php?id=12

Bye

Kernel Rocket

Latest replies (2)
2
Downloading.....
THX

2006-7-13 16:19
0
3
I can't understand this!!!
2010-1-4 12:07
0