elfmaster / sarumanLinks
ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
☆135Updated 7 years ago
Alternatives and similar repositories for saruman
Users that are interested in saruman are comparing it to the libraries listed below
Sorting:
- Reflective SO injection is a library injection technique in which the concept of reflective programming is employed to perform the loadin…☆117Updated 8 years ago
- ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD☆110Updated 5 years ago
- Cross Architecture Shellcode in C☆201Updated 8 years ago
- Linux based inter-process code injection without ptrace(2)☆250Updated 7 years ago
- Simple ELF tools written to demonstrate libelfmaster capabilities.☆39Updated 6 years ago
- Implementation of the SMM rootkit "The Watcher"☆128Updated 3 years ago
- Devestating and awesome Linux X86_64 ELF Virus☆230Updated 2 years ago
- A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes☆58Updated 10 years ago
- ROPME is a set of python scripts to generate ROP gadgets and payload.☆148Updated 9 years ago
- A Tool to Unpack Self-Modifying Code using DynamoRIO☆141Updated 8 years ago
- Linux Rootkit Scanner☆89Updated 3 years ago
- Obfuscates dynamic symbol table☆134Updated 6 years ago
- Rootkit Detector for UNIX☆61Updated last year
- ☆115Updated 8 years ago
- ELF DSO injector☆64Updated this week
- Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)☆186Updated 6 years ago
- Pocs for Antivirus Software‘s Kernel Vulnerabilities☆264Updated 7 years ago
- Function redirection via ELF tricks.☆160Updated 9 years ago
- LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.☆86Updated last year
- midgetpack is a multiplatform secure ELF packer☆204Updated 10 years ago
- Tool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC, RISCV, SH4 and SPARC☆303Updated 10 months ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆133Updated 9 years ago
- Utility for injecting executable code into a running process on x86/x64 Linux☆267Updated 8 years ago
- ☆87Updated 9 years ago
- C++-based shellcode builder☆114Updated 4 years ago
- A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities☆337Updated 6 years ago
- A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3☆305Updated 6 years ago
- linux rootkit☆160Updated 7 years ago
- ELF packer - x86_64☆72Updated 9 years ago
- Simple Polymorphic x86_64 Runtime Code Segment Cryptor☆57Updated 7 years ago