Original project name is ZEROKIT.
Somewhere in sources you can find sig ZPAG. It's mean: Zerokit Powerful As Gog. What is in little-endian mean: GAPZ.
The purpose of the project is not to stimulate malicious projects, but only laid out for the community concerned for academic purposes.
I am not responsible for the malicious use of this code, neither before nor now nor in the future.
It's my own research and development during 2010-2012 years. But some parts, like PowerLoader is not mine.
- https://www.welivesecurity.com/wp-content/uploads/2013/04/gapz-bootkit-whitepaper.pdf
- https://recon.cx/2013/slides/Recon2013-Aleksandr%20Matrosov%20and%20Eugene%20Rodionov-Reconstructing-Gapz%20Position-Independent%20Code%20Analysis%20Problem.pdf
- https://www.welivesecurity.com/wp-content/uploads/2013/05/CARO_2013.pdf
- https://www.virusbulletin.com/uploads/pdf/conference/vb2014/VB2014-RodionovMatrosov.pdf
- https://www.sba-research.org/wp-content/uploads/publications/Bootkit_EuroSec_2014.pdf
- https://habr.com/ru/company/eset/blog/169131/
- https://habr.com/ru/company/eset/blog/174169/
- https://habr.com/ru/company/eset/blog/175911/
- https://xakep.ru/2013/11/05/full-bootkit-history/
- https://github.com/Darkabode/0ctrl
- https://github.com/Darkabode/possessor
- https://github.com/Darkabode/android-possessor
- https://github.com/Darkabode/0lib
- https://github.com/Darkabode/amte
(c) 2019 Thank you!