bluedragonsecurity / bds_lkm_ftraceLinks
Ftrace Based Linux Loadable Kernel Module Rootkit for Linux Kernel 5.x and 6.x on x86_64, hides files, hides process, hides bind shell & reverse shell port, privilege escalation, cleans up logs and bash history during installation
☆23Updated last year
Alternatives and similar repositories for bds_lkm_ftrace
Users that are interested in bds_lkm_ftrace are comparing it to the libraries listed below
Sorting:
- Linux Kernel module-less implant (backdoor)☆74Updated 4 years ago
- ☆71Updated 9 months ago
- yet another hidden LKM hunter☆25Updated last year
- A utility to fix intentionally corrupted UPX packed files.☆90Updated 2 years ago
- Code injection from Linux kernel to a process☆23Updated 2 years ago
- Report and exploit of CVE-2023-36427☆90Updated last year
- One Bootloader to Load Them All - Research materials, Code , Etc.☆53Updated 3 years ago
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆121Updated 3 months ago
- Vulnerability analysis and proof of concepts☆36Updated 2 years ago
- A collection of Linux kernel rootkits found across the internet taken and put together☆83Updated 3 years ago
- PoC code of Shade BIOS (stripped) presented at Black Hat USA 2025☆48Updated last month
- NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection☆30Updated 2 years ago
- An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses☆67Updated 3 years ago
- Exploit POC for CVE-2024-36877☆47Updated last year
- PoC code and tools for Black Hat USA 2024☆24Updated last year
- A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…☆129Updated 3 years ago
- GERMY is a Linux Kernel n-day in the N_GSM line discipline☆49Updated last year
- Load a statically-linked ELF binary(x86 architecture) without the execve syscall.☆45Updated 4 years ago
- In line function hooking LKM rootkit☆52Updated 5 years ago
- The LKM rootkit working in Linux Kernels 2.6.x/3.x/4.x/5.x☆132Updated 2 years ago
- A few examples of how to trap virtual memory access on Windows.☆33Updated 8 months ago
- Slides from various conference talks☆37Updated 2 years ago
- An ELF / PE binary packer written in pure C, made for fun☆97Updated last year
- SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool☆54Updated 8 months ago
- Linux rootkit for educational purposes☆33Updated last year
- Linux kernel LPE practice with an NPD vulnerability☆36Updated 2 years ago
- WinREPL is a "read-eval-print loop" shell on Windows that is useful for testing/learning x86 and x64 assembly.☆17Updated 3 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆73Updated 2 years ago
- Example payload for CVE-2022-21894☆15Updated last year
- Evasive ELF Static PIE User-Land-Exec featured in Tmpout Vol 1.☆28Updated 3 years ago