RouNNdeL / anti-rootkit-lkm
A simple anti-rootkit Linux kernel module for an 'Operating Systems Security' course.
☆15 Updated 3 years ago
Related projects
Alternatives and complementary repositories for anti-rootkit-lkm
- Bootkits ☆19 Updated last year
- A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM). ☆27 Updated 2 years ago
- obfacros - a set of C++ macros that can be used to obfuscate your C/C++ code, to make executables harder to reverse-engineer. ☆45 Updated 5 years ago
- A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77. ☆36 Updated 2 years ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API ☆19 Updated 2 years ago
- In-memory ELF shared library loading ☆37 Updated last year
- ☆12 Updated 2 years ago
- Triton based symbolic emulator ☆16 Updated 2 years ago
- a code virtualizer based on angr ☆27 Updated last year
- A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data ☆27 Updated 6 months ago
- PEIM (UEFI) bootkit targeting OVMF (EDK2) ☆33 Updated 11 months ago
- Dell Driver EoP (CVE-2021-21551) ☆26 Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI ☆49 Updated last year
- A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger. ☆33 Updated 3 months ago
- My try to implement a virtual CPU in C ☆19 Updated last year
- This repo contains EXPs about Vulnerable Windows Driver ☆19 Updated 6 months ago
- Disassembler for Zeus VM custom instruction set ☆25 Updated 9 months ago
- ☆46 Updated 9 months ago
- Playing with LLVM passes ☆35 Updated last year
- ollvm 4.0 using clang 10.0.1 ☆13 Updated 3 years ago
- LLVM obfuscation pass, flattening at the basic block's level and turning each basic block into a dispatcher and each instruction into a ne… ☆47 Updated 3 years ago
- C/C++ antidebugging library for 32 and 64 bit processors ☆12 Updated 4 months ago
- Binary Ninja plugin for automating VMProtect analysis ☆57 Updated last year
- CVE-2021-29337 - Privilege Escalation in MODAPI.sys (MSI Dragon Center) ☆29 Updated 3 years ago
- How to set up PyCharm to run scripts in IDA using the Run menu (or a keybind) ☆39 Updated 5 months ago
- About the fact that Intel and AMD instructions behave differently ☆57 Updated 2 years ago
- ☆17 Updated last year
- Idiomatic Rust bindings for the IDA SDK, enabling the development of standalone analysis tools using IDA v9.0’s idalib ☆80 Updated this week
- Injecting into SELinux-protected system service processes under root on Android. ☆34 Updated 8 months ago
- Reverse engineering mpengine.dll with reference to taviso's code ☆19 Updated 2 years ago