Alternatives and similar repositories for bds_lkm_ftrace

Users that are interested in bds_lkm_ftrace are comparing it to the libraries listed below

• milabs / kopycat
  Linux Kernel module-less implant (backdoor)
  ☆74Updated 4 years ago
• akamai / Linux-Process-Injection
  ☆71Updated 9 months ago
• ksen-lin / nitara2
  yet another hidden LKM hunter
  ☆25Updated last year
• lcashdol / UPX
  A utility to fix intentionally corrupted UPX packed files.
  ☆90Updated 2 years ago
• milabs / kjector
  Code injection from Linux kernel to a process
  ☆23Updated 2 years ago
• tandasat / CVE-2023-36427
  Report and exploit of CVE-2023-36427
  ☆90Updated last year
• HackingThings / OneBootloaderToLoadThemAll
  One Bootloader to Load Them All - Research materials, Code , Etc.
  ☆53Updated 3 years ago
• hackerschoice / memexec
  Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection
  ☆121Updated 3 months ago
• the-deniss / Vulnerability-Disclosures
  Vulnerability analysis and proof of concepts
  ☆36Updated 2 years ago
• R3x / linux-rootkits
  A collection of Linux kernel rootkits found across the internet taken and put together
  ☆83Updated 3 years ago
• FFRI / ShadeBIOS
  PoC code of Shade BIOS (stripped) presented at Black Hat USA 2025
  ☆48Updated last month
• therealdreg / nasm_linux_x86_64_pure_sharedlib
  NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection
  ☆30Updated 2 years ago
• elfmaster / linker_preloading_virus
  An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
  ☆67Updated 3 years ago
• jjensn / CVE-2024-36877
  Exploit POC for CVE-2024-36877
  ☆47Updated last year
• FFRI / orom-backdoor-research
  PoC code and tools for Black Hat USA 2024
  ☆24Updated last year
• h3xduck / Umbra
  A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
  ☆129Updated 3 years ago
• roddux / germy
  GERMY is a Linux Kernel n-day in the N_GSM line discipline
  ☆49Updated last year
• 0xbigshaq / runtime-unpack
  Load a statically-linked ELF binary(x86 architecture) without the execve syscall.
  ☆45Updated 4 years ago
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆52Updated 5 years ago
• R3tr074 / brokepkg
  The LKM rootkit working in Linux Kernels 2.6.x/3.x/4.x/5.x
  ☆132Updated 2 years ago
• tyranid / windows-memory-access-traps
  A few examples of how to trap virtual memory access on Windows.
  ☆33Updated 8 months ago
• yardenshafir / conference_talks
  Slides from various conference talks
  ☆37Updated 2 years ago
• SilentVoid13 / Silent_Packer
  An ELF / PE binary packer written in pure C, made for fun
  ☆97Updated last year
• malsearchs / Static-Reverse-Engineering-SRE
  SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool
  ☆54Updated 8 months ago
• Notselwyn / netkit
  Linux rootkit for educational purposes
  ☆33Updated last year
• TurtleARM / CVE-2023-3338-DECPwn
  Linux kernel LPE practice with an NPD vulnerability
  ☆36Updated 2 years ago
• XaFF-XaFF / WinREPL
  WinREPL is a "read-eval-print loop" shell on Windows that is useful for testing/learning x86 and x64 assembly.
  ☆17Updated 3 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆73Updated 2 years ago
• ASkyeye / CVE-2022-21894-Payload
  Example payload for CVE-2022-21894
  ☆15Updated last year
• ulexec / SHELF-Loading
  Evasive ELF Static PIE User-Land-Exec featured in Tmpout Vol 1.
  ☆28Updated 3 years ago