A no-reboot, in-memory Linux persistence PoC leveraging namespace joining, user-namespace elevation, and self‑deletion.
☆65Aug 6, 2025Updated 7 months ago
Alternatives and similar repositories for Linux-persistence
Users that are interested in Linux-persistence are comparing it to the libraries listed below
Sorting:
- Released presentations of my talks + code that used during these talks☆15Sep 5, 2024Updated last year
- Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supporte…☆212Mar 7, 2026Updated last week
- Automated script for obfuscating, rebranding and renaming the Havoc C2 Framework to evade AV/EDR and C2 hunters.☆46Aug 13, 2025Updated 7 months ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- Using Chromium-based browsers as a proxy for C2 traffic.☆147Dec 6, 2025Updated 3 months ago
- Modular framework for automating triaging, malware analysis, and analyst workflows☆45May 2, 2025Updated 10 months ago
- Static-Code-Analysis-Helper helps you perform static code analysis.☆32Feb 20, 2026Updated last month
- Materials for CVE-2024-30052.☆12Oct 4, 2024Updated last year
- ETW forensic tool for Volatility3 plugin☆17Nov 15, 2024Updated last year
- PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling.☆32Dec 31, 2025Updated 2 months ago
- A C and Go /proc/pid/maps cloak of invisibilty for shared object files☆21Nov 19, 2025Updated 4 months ago
- Indirect-Shellcode-Executor expoits the miss-configuration/vulnerability present on the API Windows method ReadProcessMemory discovered b…☆83Nov 15, 2025Updated 4 months ago
- API hashing written in C to load APIs indirectly using CRC32 hashing☆15Jul 27, 2020Updated 5 years ago
- BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…☆92Jan 14, 2026Updated 2 months ago
- A proof‑of‑concept C2 framework that uses Server‑Sent Events (SSE) and the MCP protocol for agent registration, command dispatch, and res…☆33Apr 28, 2025Updated 10 months ago
- Rust Weaponization for Red Team Engagements.☆12Nov 14, 2022Updated 3 years ago
- Unix-inspired shell and RAM filesystem for the Commodore 64 (6502 assembly) / AI-assisted development☆23Feb 27, 2026Updated 2 weeks ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆64Apr 2, 2025Updated 11 months ago
- A collection of vibe reverse engineered binaries and malware (for educational purposes only)☆40Mar 3, 2026Updated 2 weeks ago
- CVE-2025-50168 Exploit PoC — Pwn2Own Berlin 2025 - LPE(Windows 11) winning bug.☆143Nov 3, 2025Updated 4 months ago
- Vulnerabilities advisories and PoC☆18Nov 21, 2025Updated 3 months ago
- Research into the lack of padding for responses in pwned passwords☆11Feb 11, 2020Updated 6 years ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆34Aug 18, 2025Updated 7 months ago
- Extension Osint Sync☆48Nov 26, 2025Updated 3 months ago
- Generate an Alphabetical Polymorphic Shellcode☆137Aug 19, 2025Updated 7 months ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆67Feb 11, 2025Updated last year
- Synthetic data for object detection and segmentation☆15Oct 5, 2023Updated 2 years ago
- Remote DLL Injection with Timer-based Shellcode Execution☆154Jul 18, 2025Updated 8 months ago
- Stage 0☆169Dec 18, 2024Updated last year
- ☆28Updated this week
- EDR & Antivirus Bypass to Gain Shell Access☆247Sep 30, 2024Updated last year
- Prototype road engine from 1993. Finally morphed into Road Rash after getting the contract from Ocean via Gary Bracey☆16Sep 23, 2025Updated 5 months ago
- A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs☆338Feb 27, 2026Updated 3 weeks ago
- This C# tool sprays for admin access over the entire domain☆90Dec 7, 2025Updated 3 months ago
- A TUI for Active Directory collection.☆132Updated this week
- KittyLoader is a highly evasive loader written in C / Assembly☆258Sep 22, 2025Updated 5 months ago
- A simple bug bounty utility tool to remove uninteresting entries from a list of URLs.☆14Jul 22, 2024Updated last year
- Copy metadata and digital signatures information from one Windows executable to another using Wine on a non-Windows platform☆18Apr 17, 2024Updated last year
- ☆16Feb 6, 2021Updated 5 years ago