elfmaster / saruman
ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
☆127Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for saruman
- A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes☆57Updated 9 years ago
- Devestating and awesome Linux X86_64 ELF Virus☆223Updated 2 years ago
- Linux based inter-process code injection without ptrace(2)☆238Updated 7 years ago
- Cross Architecture Shellcode in C☆195Updated 8 years ago
- Simple ELF tools written to demonstrate libelfmaster capabilities.☆38Updated 6 years ago
- ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD☆109Updated 4 years ago
- Obfuscates dynamic symbol table☆134Updated 5 years ago
- Function redirection via ELF tricks.☆156Updated 9 years ago
- Linux Rootkit Scanner☆84Updated 2 years ago
- Implementation of the SMM rootkit "The Watcher"☆122Updated 2 years ago
- Reflective SO injection is a library injection technique in which the concept of reflective programming is employed to perform the loadin…☆113Updated 8 years ago
- ROPME is a set of python scripts to generate ROP gadgets and payload.☆146Updated 8 years ago
- ELF Infector's Toolkit☆63Updated 8 years ago
- A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities☆325Updated 5 years ago
- ELF packer - x86_64☆71Updated 9 years ago
- Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)☆184Updated 5 years ago
- Runtime Prevention of Return-Oriented Programming Attacks☆82Updated 9 years ago
- Example code from "Programming Linux Anti-Reversing Techniques"☆97Updated 7 years ago
- ☆84Updated 8 years ago
- Tool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC, RISCV, SH4 and SPARC☆297Updated 2 months ago
- Windows NT ioctl bruteforcer and modular fuzzer☆119Updated 5 years ago
- A Tool to Unpack Self-Modifying Code using DynamoRIO☆141Updated 7 years ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆131Updated 8 years ago
- Hardcore corruption of my execve() vulnerability in WSL☆214Updated 6 years ago
- midgetpack is a multiplatform secure ELF packer☆197Updated 10 years ago
- sample linux x86_64 ELF virus☆53Updated 6 years ago
- grap: define and match graph patterns within binaries☆169Updated 3 years ago
- Small tool for generating ropchains using unicorn and z3☆197Updated 6 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆159Updated 7 years ago