compilepeace / EVIL_RABBIT
-x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.
☆26 Updated 3 years ago
Related projects
Alternatives and complementary repositories for EVIL_RABBIT
- Matryoshka - stacked LKM loader ☆50 Updated last year
- Proof of concept for injecting simple shellcode via ptrace into a running process. ☆61 Updated 2 years ago
- My little precious collection of Linux 4.x kernel rootkits ☆24 Updated 3 months ago
- ☆26 Updated 5 years ago
- PoC of injecting code into a running Linux process ☆23 Updated 5 years ago
- Various tools, PoCs and experiments related to my blog at https://www.forrest-orr.net/ ☆35 Updated 3 years ago
- An example of hijacking the dynamic linker with a custom interpreter that loads and executes modular viruses ☆60 Updated 2 years ago
- A local LKM rootkit loader/dropper that lists available security mechanisms ☆52 Updated 3 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast … ☆39 Updated 4 years ago
- Binary to shellcode from an object/executable format 32 & 64-bit PE, ELF ☆71 Updated 3 years ago
- Evasive ELF Static PIE User-Land-Exec featured in Tmpout Vol 1. ☆24 Updated 3 years ago
- ☆44 Updated 2 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell. ☆69 Updated 3 years ago
- A summary about different projects/presentations/tools to test how to evade malware sandbox systems ☆48 Updated 5 years ago
- Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster ☆29 Updated 4 years ago
- A C++ POC for process injection using NtCreateSection, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes… ☆42 Updated 3 years ago
- ☆49 Updated 4 years ago
- bdvl ☆109 Updated 2 years ago
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples ☆66 Updated 2 years ago
- Rootkit spotter - experimental Linux rootkit finder LKM ☆25 Updated 4 years ago
- Proxy system calls over an RPC channel ☆96 Updated 2 years ago
- In line function hooking LKM rootkit ☆51 Updated 4 years ago
- yet another hidden LKM hunter ☆13 Updated last year
- Simple LKM linux kernel rootkit (x86 / x86_64) ☆21 Updated 4 years ago
- ☆87 Updated 4 years ago
- NT AUTHORITY\SYSTEM ☆38 Updated 4 years ago
- PoC of macho loading from memory ☆52 Updated this week
- ☆59 Updated 4 months ago
- Fileless persistence, attacks and anti-forensic capabilities. ☆87 Updated 5 years ago