elfmaster/linker_preloading_virus

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/elfmaster/linker_preloading_virus)

elfmaster / linker_preloading_virus

An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses

☆66

Alternatives and similar repositories for linker_preloading_virus

Users that are interested in linker_preloading_virus are comparing it to the libraries listed below

Sorting:

elfmaster / scop_virus_paper
View on GitHub
ELF Virus infection techniques that work with SCOP (Secure code partitioned) executables
☆15May 13, 2019Updated 6 years ago
elfmaster / dt_infect
View on GitHub
ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD
☆112Apr 8, 2020Updated 5 years ago
elfmaster / davinci
View on GitHub
Transforms any file into a protected ELF executable
☆29Mar 17, 2015Updated 11 years ago
En14c / Erebus
View on GitHub
Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster
☆32Feb 23, 2020Updated 6 years ago
jvehent / go-toybox
View on GitHub
random Go code samples written over the years
☆12May 23, 2025Updated 9 months ago
elfmaster / libelfmaster
View on GitHub
Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools
☆452Jan 26, 2026Updated last month
lrstanley / go-bogon
View on GitHub
Go package to check if an IP address is a bogon (internal) IP address
☆10Oct 20, 2025Updated 5 months ago
elfmaster / libelfmaster_examples
View on GitHub
Simple ELF tools written to demonstrate libelfmaster capabilities.
☆41Sep 10, 2018Updated 7 years ago
latortuga71 / YoutubeAsAC2
View on GitHub
Poc of using youtube comments for C2 communications
☆10Jul 6, 2021Updated 4 years ago
stephenrkell / libdlbind
View on GitHub
Dynamic creation and update of ELF files, or: an allocator for JIT compilers
☆36Nov 25, 2025Updated 3 months ago
petikvx / vx-ezine
View on GitHub
Collection of ezine about virii
☆17Sep 13, 2022Updated 3 years ago
advanced-microcode-patching / shiva
View on GitHub
A custom ELF linker/loader for installing ET_REL binary patches at runtime
☆200Updated this week
shogo82148 / go-webntp
View on GitHub
ntp service via WebSocket
☆16Jun 14, 2024Updated last year
linuxthor / rkspotter
View on GitHub
Rootkit spotter - experimental Linux rootkit finder LKM
☆30Oct 11, 2020Updated 5 years ago
elfmaster / taskverse
View on GitHub
A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes
☆58Mar 18, 2015Updated 11 years ago
AutomoxSecurity / iShelly
View on GitHub
A tool to generate macOS initial access vectors using Prelude Operator payloads
☆18May 25, 2022Updated 3 years ago
redcode-labs / Solaris
View on GitHub
A local LKM rootkit loader/dropper that lists available security mechanisms
☆53Sep 4, 2021Updated 4 years ago
f0wl / ezuri_unpack
View on GitHub
Simple unpacking script for Ezuri ELF Crypter
☆37Jul 28, 2021Updated 4 years ago
elfmaster / shiva
View on GitHub
Shiva is a programmable dynamic linker for loading ELF microprograms
☆35Sep 4, 2023Updated 2 years ago
linuxthor / rkbreaker
View on GitHub
Rootkit breaker - experimental Linux anti-rootkit tool based on kprobes
☆12Sep 30, 2020Updated 5 years ago
gabriel-rusu / E.L.F-Executable-Loader
View on GitHub
The E.L.F Executable Loader loads the executable file into memory page-by-page, using a request-paging mechanism - a page will only be lo…
☆18Jul 7, 2021Updated 4 years ago
elfmaster / skeksi_virus
View on GitHub
Devestating and awesome Linux X86_64 ELF Virus
☆238Sep 9, 2022Updated 3 years ago
spiderpig1297 / kunkillable
View on GitHub
kunkillable is an LKM that makes userland processes unkillable.
☆16Sep 26, 2020Updated 5 years ago
linuxthor / iamdynamic
View on GitHub
Linux assembly language minimal 'dynamic ELF' example plus experiments
☆25May 22, 2020Updated 5 years ago
prskr / inetmock
View on GitHub
Fake router to simulate an internet connection within an isolated environment e.g. to inspect malicious software
☆17Mar 13, 2024Updated 2 years ago
ulexec / Linux.RV
View on GitHub
PoC Reverse Text segment ELF File infector
☆14Feb 28, 2020Updated 6 years ago
chbGSmCm / bof-deez-nuts
View on GitHub
Classic Bofa adapted to CobaltStrike.
☆11Oct 4, 2022Updated 3 years ago
dechristopher / dhcp-client
View on GitHub
Reference DHCP client in go
☆10Jul 1, 2024Updated last year
fimad / Keebler
View on GitHub
A tool for patching/injecting code into elf binaries.
☆14Sep 27, 2012Updated 13 years ago
DavidBuchanan314 / stelf-loader
View on GitHub
A stealthy ELF loader - no files, no execve, no RWX
☆174Dec 31, 2023Updated 2 years ago
0xN3utr0n / Noteme
View on GitHub
ELF packer/crypter that aims to create hardened and stealthy troyans
☆58Dec 25, 2021Updated 4 years ago
latortuga71 / DisablePPLDriverPoc
View on GitHub
Disable PPL via custom driver and dump lsass
☆15Mar 13, 2021Updated 5 years ago
helpsystems / sentinel
View on GitHub
Sentinel is a command line tool able to protect Windows 32 bit programs against exploits targeted by attackers or viruses. It can protect…
☆71Mar 12, 2014Updated 12 years ago
JPMinty / Detection_Engineering_Signatures
View on GitHub
YARA, SIGMA, SNORT Rules based on Malware Analysis
☆17Apr 23, 2025Updated 10 months ago
falconre / owl
View on GitHub
ROP-Gadget finder in Rust
☆17Feb 2, 2018Updated 8 years ago
milabs / kjector
View on GitHub
Code injection from Linux kernel to a process
☆24May 19, 2023Updated 2 years ago
elfmaster / static_binary_mitigations
View on GitHub
relros.c applies RELRO to static binaries, and static_to_dyn.c applies ASLR to static binaries.
☆34Jun 25, 2018Updated 7 years ago
Group-IB / pythf
View on GitHub
Malware detonation platform Polygon integration
☆10Aug 1, 2023Updated 2 years ago
stealth / devpops
View on GitHub
Companion Worm research
☆16Nov 8, 2021Updated 4 years ago