compilepeace / EVIL_RABBIT
-x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.
☆27 Updated 4 years ago
Alternatives and similar repositories for EVIL_RABBIT:
Users that are interested in EVIL_RABBIT are comparing it to the libraries listed below
- ☆27 Updated 5 years ago
- Inline function hooking LKM rootkit ☆51 Updated 4 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell. ☆71 Updated 3 years ago
- ☆45 Updated 2 years ago
- A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar… ☆121 Updated 3 years ago
- Matryoshka - stacked LKM loader ☆50 Updated last year
- BPFDoor Source Code. Originally found from Chinese Threat Actor Red Menshen ☆43 Updated 2 years ago
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples ☆68 Updated 2 years ago
- A small commented POC for removing API hooks placed by AV/EDR. ☆33 Updated 4 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast … ☆39 Updated 4 years ago
- Proxy system calls over an RPC channel ☆97 Updated 2 years ago
- Rootkit spotter - experimental Linux rootkit finder LKM ☆27 Updated 4 years ago
- Dumping credentials through windbg and pykd ☆38 Updated last year
- Resolve syscall numbers at runtime for all Windows versions. ☆60 Updated 2 months ago
- Rite Of Passage ROP Injector ☆34 Updated 5 years ago
- A simple PoC to demonstrate that it is possible to write non-writable memory and execute non-executable memory on Windows ☆52 Updated 3 years ago
- Linux Kernel module-less implant (backdoor) ☆69 Updated 3 years ago
- Simple 32/64-bit PEs loader. ☆136 Updated 6 years ago
- Evasive ELF Static PIE User-Land-Exec featured in Tmpout Vol 1. ☆25 Updated 3 years ago
- Mara is a userland pty/tty sniffer ☆52 Updated last year
- An evil bit backdoor for iptables ☆52 Updated 3 years ago
- Raw socket library/framework for red team events ☆34 Updated last year
- Windows (ShadowMove) Socket Duplication ☆80 Updated 4 years ago
- IBM RedCON 2020 - Throwing an AquaWrench into the Kernel ☆44 Updated 4 years ago
- A C++ POC for process injection using NtCreateSection, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes… ☆43 Updated 3 years ago
- PoC of injecting code into a running Linux process ☆23 Updated 5 years ago
- Process reimaging proof of concept code ☆95 Updated 5 years ago
- A local LKM rootkit loader/dropper that lists available security mechanisms ☆52 Updated 3 years ago
- Ebfuscator: Abusing system errors for binary obfuscation ☆52 Updated 4 years ago
- An injector that uses the PT_LOAD technique ☆12 Updated 2 years ago