ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
☆138 · Mar 14, 2018 · Updated 7 years ago
Alternatives and similar repositories for saruman
Users that are interested in saruman are comparing it to the libraries listed below
- Be able to execute memory snapshots so they can start running where they left off. ☆36 · Apr 14, 2015 · Updated 10 years ago
- Universal script packer-- transforms any type of script into a protected ELF executable, encrypted with anti-debugging. ☆105 · Oct 30, 2014 · Updated 11 years ago
- extended core file snapshot format ☆229 · Jan 25, 2019 · Updated 7 years ago
- This is the new ftrace (https://github.com/elfmaster/ftrace) - Much faster, better resolution but not complete yet! :) ☆110 · Nov 14, 2018 · Updated 7 years ago
- Devastating and awesome Linux X86_64 ELF Virus ☆237 · Sep 9, 2022 · Updated 3 years ago
- Simple ELF tools written to demonstrate libelfmaster capabilities. ☆41 · Sep 10, 2018 · Updated 7 years ago
- relros.c applies RELRO to static binaries, and static_to_dyn.c applies ASLR to static binaries. ☆34 · Jun 25, 2018 · Updated 7 years ago
- Transforms any file into a protected ELF executable ☆29 · Mar 17, 2015 · Updated 10 years ago
- Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools ☆449 · Jan 26, 2026 · Updated last month
- Linux Rootkit Scanner ☆88 · Jan 24, 2022 · Updated 4 years ago
- Inject shellcode into running processes in Linux. ☆43 · Jul 10, 2024 · Updated last year
- A framework for creating modular bots/backdoors ☆21 · Jul 27, 2015 · Updated 10 years ago
- Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional feat… ☆808 · Mar 7, 2024 · Updated last year
- PoC of injecting code into a running Linux process ☆23 · Sep 11, 2019 · Updated 6 years ago
- Exporters for OllyDbg and ImmunityDbg for use with zynamics BinNavi <= 3.0 ☆18 · Jan 10, 2012 · Updated 14 years ago
- ☆11 · Sep 26, 2019 · Updated 6 years ago
- Analyzes open source bug trackers for interesting vulnerabilities ☆23 · Feb 3, 2015 · Updated 11 years ago
- Linux kernel rootkit using kprobes (From http://phrack.org/issues/67/6.html) ☆43 · Mar 18, 2015 · Updated 10 years ago
- mOrc is a post-exploitation framework for macOS written in Bash ☆19 · Apr 19, 2023 · Updated 2 years ago
- Scan SSL based TCP services, ips, ports and network ranges to obtain certificate expiry data. Get automated alerts about certificates exp… ☆29 · Feb 20, 2016 · Updated 10 years ago
- Anti live forensic linux LKM rootkit ☆18 · Apr 15, 2017 · Updated 8 years ago
- Rootkit ☆24 · Nov 15, 2014 · Updated 11 years ago
- A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes ☆58 · Mar 18, 2015 · Updated 10 years ago
- ☆12 · Dec 16, 2016 · Updated 9 years ago
- Build a search engine from nmap XML files ☆20 · Aug 19, 2014 · Updated 11 years ago
- SSH Ranking system! :D (re-write of ssh-fail-watcher) ☆26 · Dec 20, 2014 · Updated 11 years ago
- POSIX Function tracing ☆339 · Aug 17, 2017 · Updated 8 years ago
- ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD ☆112 · Apr 8, 2020 · Updated 5 years ago
- Tool for injecting a shared object into a Linux process ☆1,221 · Feb 23, 2022 · Updated 4 years ago
- Automatically reviews, filters, and monitors windows-api content ☆15 · May 30, 2017 · Updated 8 years ago
- A tool that evaluates the security configurations of a given PE based on SDL without source code ☆15 · Jul 6, 2014 · Updated 11 years ago
- an experimental linux kernel module (rootkit) with a keylogger and built-in IRC bot ☆57 · May 1, 2015 · Updated 10 years ago
- Interrogate is a proof-of-concept tool for identification of cryptographic keys in binary material (regardless of target operating system… ☆78 · Oct 6, 2019 · Updated 6 years ago
- LLDB engine based tool to instrument OSX apps and triage crashes ☆26 · Sep 3, 2016 · Updated 9 years ago
- A Linux kernel module that locates the system call table in memory and hooks uname. Contributions welcome! ☆58 · May 15, 2013 · Updated 12 years ago
- PySC - Download shellcode from a remote DNS server (using TXT records) or through Internet Explorer (using SSPI to utilize system-wide p… ☆36 · Dec 27, 2013 · Updated 12 years ago
- ELF Infector's Toolkit ☆64 · May 26, 2016 · Updated 9 years ago
- An example of hijacking the dynamic linker with a custom interpreter that loads and executes modular viruses ☆66 · Feb 24, 2022 · Updated 4 years ago
- Collection of IDA Pro plugins I wrote over the years ☆24 · May 8, 2010 · Updated 15 years ago