deb0ch / toorkit

A simple useless rootkit for the linux kernel. It is a kernel module which hooks up the open() syscall (or potentially any syscall) to replace it with a custom function.
12Updated 8 years ago

Alternatives and similar repositories for toorkit:

Users that are interested in toorkit are comparing it to the libraries listed below