compilepeace / EVIL_RABBITLinks
-x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.
☆28Updated 4 years ago
Alternatives and similar repositories for EVIL_RABBIT
Users that are interested in EVIL_RABBIT are comparing it to the libraries listed below
Sorting:
- A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…☆128Updated 3 years ago
- ☆28Updated 5 years ago
- Proof of concept for injecting simple shellcode via ptrace into a running process.☆72Updated 2 years ago
- Proxy system calls over an RPC channel☆98Updated 3 years ago
- Code snippets for bare-metal malware development☆98Updated 3 years ago
- In line function hooking LKM rootkit☆52Updated 5 years ago
- ☆67Updated 2 years ago
- bdvl☆114Updated 3 years ago
- ☆135Updated 4 months ago
- A local LKM rootkit loader/dropper that lists available security mechanisms☆52Updated 3 years ago
- Sentello is python script that simulates the anti-evasion and anti-analysis techniques used by malware.☆73Updated 4 years ago
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆70Updated 3 years ago
- ☆63Updated last year
- PE File Blessing - To continue or not to continue☆87Updated 5 years ago
- Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF☆74Updated 4 years ago
- Winsock accept() Backdoor Implant.☆116Updated 4 years ago
- This course is designed to expose students to advanced exploitation techniques. Topics include the use of automated exploitation tools a…☆28Updated 5 years ago
- A repository where I share my injection implemintations☆29Updated 5 years ago
- Matryoshka - stacked LKM loader☆52Updated last year
- A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…☆43Updated 4 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆39Updated 5 years ago
- Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.☆65Updated 7 years ago
- Raw socket library/framework for red team events☆34Updated 2 years ago
- The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.☆56Updated 4 years ago
- Linux Rootkits (4.x Kernel)☆82Updated 4 years ago
- Sandfly Linux Stealth Rootkit Decloaking Utility☆101Updated 2 years ago
- LD_PRELOAD rootkit☆134Updated last year
- autopwn + deployment☆15Updated 3 years ago
- A summary about different projects/presentations/tools to test how to evade malware sandbox systems☆52Updated 6 years ago
- ☆55Updated 3 years ago