Rootkits: Subverting the Windows Kernel [Source/PDF]

This is an extremely useful book on rootkits: Rootkits: Subverting the Windows Kernel

PDF: http://micropenguin.net/files/Other/Rootkits_Subverting_the_Windows_Kernel.pdf

It took me awhile to find all of the source code examples in the book. Since rootkit.com has been taken down, and that is where the book directs you to download from.

These are the examples listed in the book:

InstDrv.zip
migbot.zip
basic_1.zip
basic_hardware.zip
basic_keysniff.zip
HideProcessHookMDL.zip
HybridHook.zip
Klog 1.0.zip
rk_044.zip
strace_Fuzen.zip
SysEnterHook.zip
vice.zip

HaleOS

Development of a simple x64 bit operating system is now in progress! Matt and I are working on creating a PDF that will explain the methodologies of it’s boot/load/run process.
As well as releasing the source code on GitHub. More information can be found here.

Please visit our forums for questions.