Alternatives and similar repositories for linux-rootkits:

Users that are interested in linux-rootkits are comparing it to the libraries listed below

• elfmaster / linker_preloading_virus
  An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
  ☆62Updated 2 years ago
• h3xduck / Umbra
  A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
  ☆122Updated 3 years ago
• milabs / kopycat
  Linux Kernel module-less implant (backdoor)
  ☆71Updated 3 years ago
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆220Updated last year
• Sentinel-One / peafl64
  Static Binary Instrumentation tool for Windows x64 executables
  ☆196Updated last week
• W3ndige / linux-process-injection
  Proof of concept for injecting simple shellcode via ptrace into a running process.
  ☆64Updated 2 years ago
• waleedassar / RestrictedKernelLeaks
  ☆157Updated 3 years ago
• connormcgarr / Kernel-Exploits
  Kernel Exploits
  ☆247Updated 3 years ago
• IridiumXOR / uclibc-sig
  IDA SIG files for multiarch uClibc library
  ☆38Updated 6 years ago
• redplait / lkcd
  ugly code to check linux kernel memory and dump some internal structures
  ☆46Updated 2 months ago
• cve-north-stars / cve-north-stars.github.io
  Leveraging CVEs as North Stars in vulnerability discovery and comprehension.
  ☆64Updated 10 months ago
• raminfp / basic-windows-kernel-programming
  Windows Kernel Programming
  ☆124Updated 4 years ago
• pathtofile / bpf-hookdetect
  Dectect syscall hooking using eBPF
  ☆145Updated last year
• vp777 / Windows-Non-Paged-Pool-Overflow-Exploitation
  Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…
  ☆196Updated 2 years ago
• yrp604 / bochscpu
  ☆77Updated 4 months ago
• mfthomps / RESim
  Reverse engineering software using a full system simulator
  ☆179Updated this week
• Error996 / bdvl
  bdvl
  ☆112Updated 2 years ago
• 0xf4b1 / bsod-kernel-fuzzing
  BSOD: Binary-only Scalable fuzzing Of device Drivers
  ☆159Updated 3 years ago
• reveng007 / reveng_rtkit
  Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…
  ☆242Updated last year
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆51Updated 4 years ago
• ionescu007 / clfs-docs
  Unofficial Common Log File System (CLFS) Documentation
  ☆169Updated 3 years ago
• lcashdol / UPX
  A utility to fix intentionally corrupted UPX packed files.
  ☆82Updated last year
• NozomiNetworks / upx-recovery-tool
  ☆100Updated 2 years ago
• binarly-io / Research_Publications
  ☆101Updated 4 months ago
• liba2k / Insomni-Hack-2022
  Breaking Secure Boot with SMM
  ☆40Updated 2 years ago
• milabs / kjector
  Code injection from Linux kernel to a process
  ☆19Updated last year
• drtychai / browser-exploitation
  A collection of curated resources and CVEs I use for research.
  ☆104Updated 3 years ago
• ocastejon / linux-kernel-learning
  Notes, exploits, and other stuff that I create while learning Linux Kernel exploitation techniques
  ☆87Updated last year
• NtRaiseHardError / Kaiser
  Fileless persistence, attacks and anti-forensic capabilties.
  ☆90Updated 6 years ago
• h0mbre / Windows-Exploits
  ☆90Updated 4 years ago