FU
short description:

The FU rootkit can hide processes, elevate process privileges, fake out the Windows Event Viewer so that forensics is impossible, and even hide device drivers (NEW!) All this without any hooking.

long description:

The FU rootkit can hide processes, elevate process privileges, fake out the Windows Event Viewer so that forensics is impossible, and even hide device drivers (NEW!). (Look, Mom, no hands!) It does all this by Direct Kernel Object Manipulation (TM); no hooking! This project has been evolving other time. It was originally conceived as a proof-of-concept. FU is a play on words from the UNIX program "su" used to elevate privilege.

project leader:

fuzen_op

homepage:

changelog:

https://www.rootkit.com/vault/fuzen_op/FU_README.txt

download:

https://www.rootkit.com/vault/fuzen_op/FU_Rootkit.zip

font:
http://www.rootkit.com/project.php?id=12

Bye

Kernel Rocket

[培训]内核驱动高级班，冲击BAT一流互联网大厂工作，每周日13:00-18:00直播授课