Skip to content

Releases: Idov31/Nidhogg

Version 1.0 Release

11 Feb 07:06
@Idov31 Idov31
v1.0
be3273f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Version 1.0 Release Latest
Latest

New features:

  • Driver hiding / unhiding

  • Module hiding

  • Port hiding / unhiding

  • Query hidden ports

  • Thread unhiding

  • Credential Dumping

  • NidhoggScript Execution

  • Initial Operations (As requested in #34 )

Improvements:

  • Refactored the driver side code and improved code quality in terms of readability, simplicity and bug fixing.
  • Refactored the client side code and improved code quality in terms of readability, simplicity and bug fixing.
  • Reduced the amount of IOCTLs.
  • Added automatic allocation / deallocations.
  • Fixed memory leaks.

Misc

  • New logo
  • New wiki
  • Prints can be now turned off / on with a single #define
Assets 2
Loading

Version 0.4 Release

07 May 08:11
@Idov31 Idov31
v0.4
53b9e58
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Version 0.4 Release

Version 0.4 Release

New features:

  • DLL Injection

    • Via APC
    • Via NtCreateThread

  • Shellcode Injection

    • Via APC
    • Via NtCreateThread

  • Unregistering and restoring callbacks

    • ObCallbacks
    • PsSetCreateProcessNotifyRoutine
    • PsSetCreateThreadNotifyRoutine
    • Image Load
    • Registry callbacks

  • ETWTI tampering (disable and enable)

Improvements

  • Fixed kdmapper compatibility issues
  • Added validation for SSDT function getting
  • Added length check to registry objects
  • Increased overall stability

Misc

  • Created CMake to compile the client
  • Made driver code more efficient
Assets 2
Loading

Version 0.3 Release

21 Feb 19:03
@Idov31 Idov31
v0.3
90005bb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Version 0.3 Release

Version 0.3 Release

New features:

  • Driver can be reflectively loaded with kdmapper
  • PP/PPL managing
  • Protecting threads
  • Hiding threads
  • Changed method for file protection (IRP hooking)

Improvements

  • Changed memory address validation to a better way (address range check instead of the dangerous MmIsAddressValid function)
  • Added locks before accessing EPROCESS/ETHREAD structures
  • Increased overall stability

Misc

  • Changed the client code to work with namespaces instead
  • Made both the driver and client code more efficient
Assets 2
Loading

Version 0.2 Release

23 Oct 10:47
@Idov31 Idov31
v0.2
f87960f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Version 0.2 Release

Version 0.2 Release

New features:

  • Function patching
  • Built in AMSI & ETW bypass
  • Arbitrary R/W from the kernel

Improvements

  • Added documentation for every function
  • Added execution with partial functionality
  • Increased overall stability

Misc

  • Prettified and organized code.
Assets 2
Loading

Version 0.1

14 Jul 17:10
@Idov31 Idov31
v0.1
803cc88
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Version 0.1

Version 0.1 Release

New features:

  • Anti registry key & value deletion
  • Registry key & value hiding
  • Anti overwriting value
  • Ability to query protected processes / files / registry keys & values.

Improvements

  • Fixed ObUnregisterCallbacks BSOD
  • Fixed UAC BSOD (the KERNEL_SECURITY_CHECK_FAILURE one)
  • Increased overall stability

Misc

  • Prettified and organized code.
Assets 2
Loading

Beta

05 Jun 14:09
@Idov31 Idov31
Beta
9b56e6f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Beta Pre-release
Pre-release

Beta Release

New features:

  • Anti file deletion
  • Anti file overwritting

Improvements:

  • Fixed the hpp file
  • Fixed the example

Misc

  • Added YARA rule
Assets 2
Loading

Alpha

30 May 14:39
@Idov31 Idov31
Alpha
4c208b5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Alpha Pre-release
Pre-release

Alpha Release

Contains the basic capabilities:

  • Anti process killing
  • Anti process dumping
  • Pe-sieve bypass
  • Process elevation
  • Process hiding
Assets 2
Loading