elfmaster / saruman
ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
☆128Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for saruman
- ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD☆109Updated 4 years ago
- Linux based inter-process code injection without ptrace(2)☆239Updated 7 years ago
- ROPME is a set of python scripts to generate ROP gadgets and payload.☆146Updated 8 years ago
- A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes☆57Updated 9 years ago
- Reflective SO injection is a library injection technique in which the concept of reflective programming is employed to perform the loadin…☆113Updated 8 years ago
- Implementation of the SMM rootkit "The Watcher"☆123Updated 2 years ago
- Cross Architecture Shellcode in C☆198Updated 8 years ago
- Simple ELF tools written to demonstrate libelfmaster capabilities.☆38Updated 6 years ago
- Linux Rootkit Scanner☆85Updated 2 years ago
- Hardcore corruption of my execve() vulnerability in WSL☆214Updated 6 years ago
- Devestating and awesome Linux X86_64 ELF Virus☆223Updated 2 years ago
- Tool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC, RISCV, SH4 and SPARC☆297Updated 3 months ago
- Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)☆184Updated 5 years ago
- Function redirection via ELF tricks.☆156Updated 9 years ago
- Example code from "Programming Linux Anti-Reversing Techniques"☆97Updated 7 years ago
- Obfuscates dynamic symbol table☆134Updated 5 years ago
- This is the new ftrace (https://github.com/elfmaster/ftrace) - Much faster, better resolution but not complete yet! :)☆106Updated 6 years ago
- A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities☆325Updated 5 years ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆132Updated 8 years ago
- Stealth's 64bit injectso port☆74Updated 14 years ago
- linux elf injector for x86 x86_64 arm arm64☆318Updated 6 years ago
- Small tool for generating ropchains using unicorn and z3☆197Updated 6 years ago
- C++-based shellcode builder☆112Updated 4 years ago
- Utility for injecting executable code into a running process on x86/x64 Linux☆259Updated 8 years ago
- Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins☆133Updated 5 years ago
- LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.☆82Updated last year
- ☆55Updated 7 years ago
- An event driven multi-core process debugging, tracing, and manipulation framework.☆171Updated 4 years ago
- Simple Polymorphic x86_64 Runtime Code Segment Cryptor☆57Updated 6 years ago
- grap: define and match graph patterns within binaries☆169Updated 3 years ago