bluedragonsecurity / bds_lkm_ftraceLinks
Ftrace Based Linux Loadable Kernel Module Rootkit for Linux Kernel 5.x and 6.x on x86_64, hides files, hides process, hides bind shell & reverse shell port, privilege escalation, cleans up logs and bash history during installation
☆28Updated 2 years ago
Alternatives and similar repositories for bds_lkm_ftrace
Users that are interested in bds_lkm_ftrace are comparing it to the libraries listed below
Sorting:
- Linux Kernel module-less implant (backdoor)☆74Updated 4 years ago
- A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…☆132Updated 4 years ago
- An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses☆66Updated 3 years ago
- A collection of Linux kernel rootkits found across the internet taken and put together☆92Updated 3 years ago
- yet another hidden LKM hunter☆29Updated 3 months ago
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆135Updated 7 months ago
- Academic project of Linux rootkit made for Bachelor Engineering Thesis.☆117Updated last year
- A utility to fix intentionally corrupted UPX packed files.☆92Updated 2 years ago
- ☆85Updated last year
- Matryoshka - stacked LKM loader☆54Updated 2 years ago
- LD_PRELOAD rootkit☆137Updated last year
- Report and exploit of CVE-2023-36427☆88Updated 2 years ago
- The LKM rootkit working in Linux Kernels 2.6.x/3.x/4.x/5.x☆132Updated 2 years ago
- Code injection from Linux kernel to a process☆24Updated 2 years ago
- bdvl☆115Updated 3 years ago
- An ELF / PE binary packer written in pure C, made for fun☆105Updated last year
- Proof of concept for injecting simple shellcode via ptrace into a running process.☆72Updated 3 years ago
- NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection☆31Updated 2 years ago
- PoC code of Shade BIOS (stripped) presented at Black Hat USA 2025☆60Updated 5 months ago
- A command line Windows API tracing tool for Golang binaries.☆159Updated 2 years ago
- Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…☆261Updated 3 weeks ago
- Linux rootkit for educational purposes☆34Updated last year
- PoC code and tools for Black Hat USA 2024☆24Updated last year
- Elf binary infector written in Go.☆214Updated 11 months ago
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆43Updated last year
- -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.☆27Updated 5 years ago
- Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86…☆143Updated 3 years ago
- Rust Linux Kernel Module designed for LKM rootkit detection☆56Updated 9 months ago
- One Bootloader to Load Them All - Research materials, Code , Etc.☆61Updated 3 years ago
- rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump☆121Updated last year