compilepeace / EVIL_RABBIT
-x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.
☆27Updated 4 years ago
Alternatives and similar repositories for EVIL_RABBIT:
Users that are interested in EVIL_RABBIT are comparing it to the libraries listed below
- ☆27Updated 5 years ago
- A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…☆122Updated 3 years ago
- ☆46Updated 2 years ago
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆68Updated 2 years ago
- ☆16Updated 3 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆39Updated 4 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆72Updated 3 years ago
- BPFDoor Source Code. Originally found from Chinese Threat Actor Red Menshen☆43Updated 2 years ago
- A LKM (Loadable Kernel Module) to execute a command as root; I include a example of using netcat and a compiled(with source and steps on…☆15Updated 4 months ago
- A local LKM rootkit loader/dropper that lists available security mechanisms☆52Updated 3 years ago
- Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.☆63Updated 6 years ago
- An Xdbg Plugin of the ERC Library.☆26Updated last year
- TrashDBG the world's worse debugger☆23Updated 3 years ago
- Recreating and reviewing the Windows persistence methods☆37Updated 3 years ago
- Code snippets for bare-metal malware development☆97Updated 3 years ago
- Rootkit spotter - experimental Linux rootkit finder LKM☆27Updated 4 years ago
- Matryoshka - stacked LKM loader☆50Updated last year
- A small commented POC for removing API hooks placed by AV/EDR.☆33Updated 4 years ago
- Raw socket library/framework for red team events☆34Updated 2 years ago
- ☆67Updated last year
- A collection of shellcode hashes☆17Updated 6 years ago
- ☆23Updated 4 years ago
- A summary about different projects/presentations/tools to test how to evade malware sandbox systems☆49Updated 6 years ago
- Ebfuscator: Abusing system errors for binary obfuscation☆52Updated 4 years ago
- Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.☆74Updated 3 years ago
- A repository where I share my injection implemintations☆29Updated 4 years ago
- ☆48Updated 4 years ago
- Evasive ELF Static PIE User-Land-Exec featured in Tmpout Vol 1.☆25Updated 3 years ago
- Proxy system calls over an RPC channel☆97Updated 3 years ago
- DLL Injector as a service that watches the health of the started thread.☆9Updated 5 years ago