Alternatives and similar repositories for bds_lkm_ftrace

Users that are interested in bds_lkm_ftrace are comparing it to the libraries listed below

• milabs / kopycat
  Linux Kernel module-less implant (backdoor)
  ☆74Updated 4 years ago
• akamai / Linux-Process-Injection
  ☆78Updated 11 months ago
• ksen-lin / nitara2
  yet another hidden LKM hunter
  ☆30Updated last month
• R3x / linux-rootkits
  A collection of Linux kernel rootkits found across the internet taken and put together
  ☆86Updated 3 years ago
• hackerschoice / memexec
  Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection
  ☆135Updated 5 months ago
• jermeyyy / rooty
  Academic project of Linux rootkit made for Bachelor Engineering Thesis.
  ☆113Updated last year
• mav8557 / Father
  LD_PRELOAD rootkit
  ☆137Updated last year
• leandrofroes / gftrace
  A command line Windows API tracing tool for Golang binaries.
  ☆157Updated last year
• reveng007 / reveng_rtkit
  Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…
  ☆259Updated 2 years ago
• lcashdol / UPX
  A utility to fix intentionally corrupted UPX packed files.
  ☆90Updated 2 years ago
• h3xduck / Umbra
  A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
  ☆129Updated 4 years ago
• milabs / kjector
  Code injection from Linux kernel to a process
  ☆24Updated 2 years ago
• R3tr074 / brokepkg
  The LKM rootkit working in Linux Kernels 2.6.x/3.x/4.x/5.x
  ☆132Updated 2 years ago
• W3ndige / linux-process-injection
  Proof of concept for injecting simple shellcode via ptrace into a running process.
  ☆73Updated 3 years ago
• FFRI / ShadeBIOS
  PoC code of Shade BIOS (stripped) presented at Black Hat USA 2025
  ☆59Updated 3 months ago
• elfmaster / linker_preloading_virus
  An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
  ☆67Updated 3 years ago
• HackingThings / OneBootloaderToLoadThemAll
  One Bootloader to Load Them All - Research materials, Code , Etc.
  ☆59Updated 3 years ago
• antifob / linux-prinj
  Linux process injection PoCs
  ☆30Updated last year
• Trigleos / ELFREVGO
  Anti-analysis tool that obfuscates ELF files
  ☆35Updated 4 years ago
• SilentVoid13 / Silent_Packer
  An ELF / PE binary packer written in pure C, made for fun
  ☆101Updated last year
• BishopFox / asminject
  Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86…
  ☆142Updated 3 years ago
• tandasat / CVE-2023-36427
  Report and exploit of CVE-2023-36427
  ☆89Updated last year
• therealdreg / nasm_linux_x86_64_pure_sharedlib
  NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection
  ☆30Updated 2 years ago
• Error996 / bdvl
  bdvl
  ☆114Updated 3 years ago
• Bw3ll / ROP_ROCKET
  ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…
  ☆159Updated last month
• thalium / rkchk
  Rust Linux Kernel Module designed for LKM rootkit detection
  ☆53Updated 8 months ago
• zodiacon / Recon2023
  Recon 2023 slides and code
  ☆80Updated 2 years ago
• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆118Updated 2 years ago
• nccgroup / ghostrings
  Ghidra scripts for recovering string definitions in Go binaries
  ☆122Updated last year
• anvilsecure / ulexecve
  ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries…
  ☆196Updated last year