Alternatives and similar repositories for linux-rootkits

Users that are interested in linux-rootkits are comparing it to the libraries listed below

• jermeyyy / rooty
  Academic project of Linux rootkit made for Bachelor Engineering Thesis.
  ☆116Updated last year
• W3ndige / linux-process-injection
  Proof of concept for injecting simple shellcode via ptrace into a running process.
  ☆73Updated 3 years ago
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆233Updated 2 years ago
• elfmaster / linker_preloading_virus
  An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
  ☆66Updated 3 years ago
• milabs / kopycat
  Linux Kernel module-less implant (backdoor)
  ☆73Updated 4 years ago
• waleedassar / RestrictedKernelLeaks
  ☆164Updated 4 years ago
• h3xduck / Umbra
  A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
  ☆131Updated 4 years ago
• h0mbre / Windows-Exploits
  ☆90Updated 5 years ago
• R3tr074 / brokepkg
  The LKM rootkit working in Linux Kernels 2.6.x/3.x/4.x/5.x
  ☆132Updated 2 years ago
• milabs / kmatryoshka
  Matryoshka - stacked LKM loader
  ☆54Updated 2 years ago
• connormcgarr / Kernel-Exploits
  Kernel Exploits
  ☆260Updated 4 years ago
• lcashdol / UPX
  A utility to fix intentionally corrupted UPX packed files.
  ☆90Updated 2 years ago
• SourceCodeDeleted / rootkitdev-linux
  Rootkit Development tutorial series. Works on Kernel version 4.15 Can be adapted for 5.3+
  ☆44Updated 3 years ago
• therealdreg / x64dbg-exploiting
  Do you want to use x64dbg instead of immunity debugger? oscp eCPPTv2 buffer overflow exploits pocs
  ☆89Updated last year
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆52Updated 5 years ago
• linuxthor / rkspotter
  Rootkit spotter - experimental Linux rootkit finder LKM
  ☆30Updated 5 years ago
• IridiumXOR / uclibc-sig
  IDA SIG files for multiarch uClibc library
  ☆38Updated 7 years ago
• reveng007 / reveng_rtkit
  Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…
  ☆260Updated 2 years ago
• croemheld / lkm-rootkit
  A LKM rootkit for most newer kernel versions.
  ☆180Updated 8 years ago
• raminfp / basic-windows-kernel-programming
  Windows Kernel Programming
  ☆132Updated 5 years ago
• hugsy / pwn--
  pwn++ is a Windows & Linux library oriented for exploit dev but mostly used to play with modern C++ features
  ☆172Updated 5 months ago
• Sentinel-One / peafl64
  Static Binary Instrumentation tool for Windows x64 executables
  ☆207Updated 2 months ago
• SafeBreach-Labs / Back2TheFuture
  Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in ord…
  ☆190Updated 4 years ago
• GunshipPenguin / kiteshield
  Packer/Protector for x86-64 ELF binaries on Linux
  ☆173Updated 4 years ago
• vp777 / Windows-Non-Paged-Pool-Overflow-Exploitation
  Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…
  ☆251Updated 3 years ago
• bluedragonsecurity / bds_lkm_ftrace
  Ftrace Based Linux Loadable Kernel Module Rootkit for Linux Kernel 5.x and 6.x on x86_64, hides files, hides process, hides bind shell & …
  ☆28Updated 2 years ago
• Error996 / bdvl
  bdvl
  ☆115Updated 3 years ago
• SilentVoid13 / Silent_Packer
  An ELF / PE binary packer written in pure C, made for fun
  ☆104Updated last year
• redplait / lkcd
  ugly code to check linux kernel memory and dump some internal structures
  ☆48Updated last year
• d3npa / freebsd-rootkits
  Exercises from Designing BSD Rootkits working in 2020 with FreeBSD 12.2
  ☆50Updated 3 years ago