elfmaster / saruman
ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
☆131Updated 7 years ago
Alternatives and similar repositories for saruman:
Users that are interested in saruman are comparing it to the libraries listed below
- Devestating and awesome Linux X86_64 ELF Virus☆227Updated 2 years ago
- Reflective SO injection is a library injection technique in which the concept of reflective programming is employed to perform the loadin…☆117Updated 8 years ago
- A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes☆58Updated 10 years ago
- ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD☆110Updated 4 years ago
- Obfuscates dynamic symbol table☆133Updated 6 years ago
- Linux Rootkit Scanner☆87Updated 3 years ago
- Implementation of the SMM rootkit "The Watcher"☆124Updated 3 years ago
- A Tool to Unpack Self-Modifying Code using DynamoRIO☆141Updated 7 years ago
- Simple ELF tools written to demonstrate libelfmaster capabilities.☆39Updated 6 years ago
- Linux based inter-process code injection without ptrace(2)☆245Updated 7 years ago
- Rootkit Detector for UNIX☆61Updated last year
- sample linux x86_64 ELF virus☆53Updated 6 years ago
- Stealth's 64bit injectso port☆74Updated 14 years ago
- Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)☆185Updated 5 years ago
- Cross Architecture Shellcode in C☆200Updated 8 years ago
- C++-based shellcode builder☆112Updated 4 years ago
- Simple Polymorphic x86_64 Runtime Code Segment Cryptor☆57Updated 7 years ago
- A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities☆334Updated 5 years ago
- ☆85Updated 8 years ago
- This is the new ftrace (https://github.com/elfmaster/ftrace) - Much faster, better resolution but not complete yet! :)☆108Updated 6 years ago
- ELF packer - x86_64☆71Updated 9 years ago
- Zerokit/GAPZ rootkit (non buildable and only for researching)☆182Updated 6 years ago
- An event driven multi-core process debugging, tracing, and manipulation framework.☆173Updated 5 years ago
- ☆55Updated 7 years ago
- ☆113Updated 8 years ago
- Simple ELF crypter. Uses RC4 encryption.☆119Updated 4 years ago
- ROPME is a set of python scripts to generate ROP gadgets and payload.☆146Updated 8 years ago
- midgetpack is a multiplatform secure ELF packer☆202Updated 10 years ago
- linux rootkit☆159Updated 7 years ago
- add symbols back into a stripped ELF binary (~strip)☆171Updated 7 years ago