elfmaster / scop_virus_paperLinks
ELF Virus infection techniques that work with SCOP (Secure code partitioned) executables
☆15Updated 6 years ago
Alternatives and similar repositories for scop_virus_paper
Users that are interested in scop_virus_paper are comparing it to the libraries listed below
Sorting:
- Evasive ELF Static PIE User-Land-Exec featured in Tmpout Vol 1.☆28Updated 3 years ago
- PoC multi-layer protector for ELF32 x86 binaries☆11Updated 3 years ago
- Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster☆29Updated 5 years ago
- ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD☆110Updated 5 years ago
- An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses☆66Updated 3 years ago
- gopclntab finder and analyzer for Radare2☆20Updated 4 years ago
- ☆47Updated 2 years ago
- PoC for obfuscating the dynamic symbol table injecting a custom Hash Table to do symbol resolution☆29Updated 4 years ago
- Just a modern packer for elf binaries ( works on linux executables only )☆42Updated 4 years ago
- ☆28Updated 5 years ago
- An Integrity-Check Monitoring Pintool☆58Updated 4 years ago
- WINAFL for blackbox in-memory fuzzing (PIN)☆47Updated 5 years ago
- Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.☆49Updated 4 years ago
- A set of small utilities, helpers for PIN tracers☆33Updated last year
- dk is a WinDbg extenion for dumping memory data in meaningful and organized ways, it is an enhancement of my previous tokenext project.☆24Updated last year
- A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes☆58Updated 10 years ago
- Reflective SO injection is a library injection technique in which the concept of reflective programming is employed to perform the loadin…☆117Updated 8 years ago
- x86_64 linux rootkit using debug registers☆52Updated 3 years ago
- Rootkit spotter - experimental Linux rootkit finder LKM☆30Updated 4 years ago
- Exploits for YARA 3.7.1 & 3.8.1☆31Updated 6 years ago
- This is a simple tool to dump all the reparse points on an NTFS volume.☆33Updated 4 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆72Updated last year
- Extract data of TTD trace file to a minidump☆28Updated last year
- My notes about Genyatyk VM crackme☆26Updated 4 years ago
- Investigating the bug behind CVE-2021-26708☆27Updated 4 years ago
- ELF packer for i386☆32Updated 9 years ago
- A Linux x86/x86-64 tool to trace registers and memory regions.