A no-reboot, in-memory Linux persistence PoC leveraging namespace joining, user-namespace elevation, and self‑deletion.
☆65Aug 6, 2025Updated 6 months ago
Alternatives and similar repositories for Linux-persistence
Users that are interested in Linux-persistence are comparing it to the libraries listed below
Sorting:
- 🛠️ Explore custom C2 TTPs with Aether-C2-Framework, focusing on lightweight Rust implants and stealthy transport stacks to reduce forens…☆18Updated this week
- Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supporte…☆211Sep 20, 2025Updated 5 months ago
- Automated script for obfuscating, rebranding and renaming the Havoc C2 Framework to evade AV/EDR and C2 hunters.☆46Aug 13, 2025Updated 6 months ago
- Source code of smaller projects.☆27Feb 1, 2026Updated 3 weeks ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- home-manager module POC for a tracker blocker on the command line☆11Feb 22, 2025Updated last year
- Released presentations of my talks + code that used during these talks☆15Sep 5, 2024Updated last year
- A proof‑of‑concept C2 framework that uses Server‑Sent Events (SSE) and the MCP protocol for agent registration, command dispatch, and res…☆32Apr 28, 2025Updated 10 months ago
- PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling.☆31Dec 31, 2025Updated 2 months ago
- [Edgeshark] Virtual communication discovery in container hosts☆34Nov 4, 2025Updated 3 months ago
- Using Chromium-based browsers as a proxy for C2 traffic.☆143Dec 6, 2025Updated 2 months ago
- Static-Code-Analysis-Helper helps you perform static code analysis.☆32Feb 20, 2026Updated last week
- ETW forensic tool for Volatility3 plugin☆17Nov 15, 2024Updated last year
- A lightweight test harness designed to speed up shellcode development by providing an execution environment with integrated crash diagnos…☆43Jan 15, 2026Updated last month
- awesome list of browser exploitation tutorials☆13Sep 21, 2018Updated 7 years ago
- Generate an Alphabetical Polymorphic Shellcode☆135Aug 19, 2025Updated 6 months ago
- A tool that supports finding and abusing whitelisted programs to allow arbitrary file writing into the executable folder of Antivirus sof…☆81Nov 1, 2025Updated 3 months ago
- ☆28Feb 11, 2026Updated 2 weeks ago
- Modular framework for automating triaging, malware analysis, and analyst workflows☆45May 2, 2025Updated 9 months ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆63Apr 2, 2025Updated 10 months ago
- EDR & Antivirus Bypass to Gain Shell Access☆246Sep 30, 2024Updated last year
- Make the radius server as part of keycloak SSO☆20Updated this week
- NAT64 agent for Kubernetes deployments☆34Feb 11, 2026Updated 2 weeks ago
- Linux Shared Library to Shellcode Loader☆80Feb 15, 2026Updated last week
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆33Aug 18, 2025Updated 6 months ago
- Remote DLL Injection with Timer-based Shellcode Execution☆154Jul 18, 2025Updated 7 months ago
- LLDB based debugger for Linux Kernel☆28Apr 5, 2025Updated 10 months ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆67Feb 11, 2025Updated last year
- Nix linter based on libnixf☆31Sep 21, 2025Updated 5 months ago
- BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…☆92Jan 14, 2026Updated last month
- Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130☆52Sep 13, 2025Updated 5 months ago
- AI / LLM Red Team Field Manual & Consultant’s Handbook☆235Feb 3, 2026Updated 3 weeks ago
- SharpSilentChrome is a C# project that "silently" installs browser extensions on Google Chrome or MS Edge by updating the browsers' Prefe…☆188Aug 6, 2025Updated 6 months ago
- A frightfully intelligent algorithmic trading automaton of noble birth. Sir Reginald's prime directive: to acquire undervalued assets pos…☆41Sep 18, 2025Updated 5 months ago
- Vulnerability research assistant that extracts pseudocode from the IDA Hex-Rays decompiler.☆101Feb 20, 2026Updated last week
- A command and control framework.☆54Dec 26, 2024Updated last year
- POCs for CVE-2025-50154 and CVE-2025-59214, zero day vulnerabilities on windows file explorer disclosing NTLMv2-SSP without user interact…☆52Oct 16, 2025Updated 4 months ago
- Collects Prometheus metrics for vulnerabilities of each product in DefectDojo☆14Updated this week
- ☆26Jul 31, 2025Updated 6 months ago