Alternatives and similar repositories for bds_lkm_ftrace

Users that are interested in bds_lkm_ftrace are comparing it to the libraries listed below

• milabs / kopycat
  Linux Kernel module-less implant (backdoor)
  ☆74Updated 4 years ago
• ksen-lin / nitara2
  yet another hidden LKM hunter
  ☆29Updated last month
• hackerschoice / memexec
  Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection
  ☆128Updated 4 months ago
• h3xduck / Umbra
  A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
  ☆130Updated 4 years ago
• lcashdol / UPX
  A utility to fix intentionally corrupted UPX packed files.
  ☆91Updated 2 years ago
• carloslack / volundr
  Just another elf library
  ☆30Updated last year
• akamai / Linux-Process-Injection
  ☆74Updated 11 months ago
• elfmaster / linker_preloading_virus
  An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
  ☆67Updated 3 years ago
• Notselwyn / netkit
  Linux rootkit for educational purposes
  ☆33Updated last year
• R3tr074 / brokepkg
  The LKM rootkit working in Linux Kernels 2.6.x/3.x/4.x/5.x
  ☆132Updated 2 years ago
• FFRI / ShadeBIOS
  PoC code of Shade BIOS (stripped) presented at Black Hat USA 2025
  ☆58Updated 3 months ago
• jermeyyy / rooty
  Academic project of Linux rootkit made for Bachelor Engineering Thesis.
  ☆111Updated last year
• milabs / kjector
  Code injection from Linux kernel to a process
  ☆24Updated 2 years ago
• mav8557 / Father
  LD_PRELOAD rootkit
  ☆136Updated last year
• Error996 / bdvl
  bdvl
  ☆114Updated 3 years ago
• W3ndige / linux-process-injection
  Proof of concept for injecting simple shellcode via ptrace into a running process.
  ☆72Updated 2 years ago
• tandasat / CVE-2023-36427
  Report and exploit of CVE-2023-36427
  ☆88Updated last year
• Trigleos / ELFREVGO
  Anti-analysis tool that obfuscates ELF files
  ☆35Updated 4 years ago
• therealdreg / nasm_linux_x86_64_pure_sharedlib
  NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection
  ☆30Updated 2 years ago
• R3x / linux-rootkits
  A collection of Linux kernel rootkits found across the internet taken and put together
  ☆85Updated 3 years ago
• SilentVoid13 / Silent_Packer
  An ELF / PE binary packer written in pure C, made for fun
  ☆98Updated last year
• malsearchs / Static-Reverse-Engineering-SRE
  SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool
  ☆56Updated 9 months ago
• milabs / kmatryoshka
  Matryoshka - stacked LKM loader
  ☆54Updated 2 years ago
• reveng007 / reveng_rtkit
  Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…
  ☆261Updated 2 years ago
• HackingThings / OneBootloaderToLoadThemAll
  One Bootloader to Load Them All - Research materials, Code , Etc.
  ☆57Updated 3 years ago
• marcusbotacin / Dropper
  Embed an executable as a PE resource, drops and launches it in runtime.
  ☆62Updated 4 years ago
• ic3qu33n / michelangelo-reanimator
  Michelangelo REanimator bootkit and REcon 2023 talk slides/materials
  ☆30Updated last year
• 0xbigshaq / runtime-unpack
  Load a statically-linked ELF binary(x86 architecture) without the execve syscall.
  ☆45Updated 5 years ago
• MatheuZSecurity / UnhookingLinuxEdr
  Attacking the cleanup_module function of a kernel module
  ☆48Updated 3 months ago
• leandrofroes / gftrace
  A command line Windows API tracing tool for Golang binaries.
  ☆157Updated last year