Alternatives and similar repositories for linux-kernel-examples

Users that are interested in linux-kernel-examples are comparing it to the libraries listed below

• Acceis / eBPF-hide-PID
  This tool have the power to hide any PID/directory in the Linux kernel
  ☆27Updated 9 months ago
• Binary-Gecko / perf_PoC
  ☆16Updated 9 months ago
• zodiacon / objdir-rs
  Rust version of the objdir tool
  ☆13Updated last year
• zodiacon / TraceConnections
  Simple example for getting started with eBPF for Windows
  ☆44Updated 4 months ago
• 0xbigshaq / runtime-unpack
  Load a statically-linked ELF binary(x86 architecture) without the execve syscall.
  ☆42Updated 4 years ago
• malefax / Adrishya
  Author of Project Adrishya a rootkit which use ftrace mechanism to hook syscall; (write this because God commanded me); work for both x86…
  ☆15Updated last month
• 0xbigshaq / GenesisOS
  curiosity got me here
  ☆41Updated 10 months ago
• h3xduck / RawTCP_Lib
  A C library for creating and using TCP/IP packets with raw network sockets
  ☆67Updated 6 months ago
• UnmappedStack / vodka
  x86_64 to ARM64 assembly "compiler"
  ☆18Updated 5 months ago
• akamai / Linux-Process-Injection
  ☆59Updated 7 months ago
• Trigleos / ELFREVGO
  Anti-analysis tool that obfuscates ELF files
  ☆29Updated 4 years ago
• Nadharm / CoVirt
  A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).
  ☆29Updated 3 years ago
• ex0dus-0x / ward
  Simple ELF runtime packer for creating self-protecting binaries
  ☆22Updated last year
• pathtofile / bpf-hookdetect
  Dectect syscall hooking using eBPF
  ☆155Updated 2 years ago
• milabs / kjector
  Code injection from Linux kernel to a process
  ☆21Updated 2 years ago
• johnsonjh / ynetd
  ynetd: a small (< 400 lines of C) server for binding programs to TCP ports
  ☆20Updated 7 months ago
• eunomia-bpf / llvmbpf
  Userspace/GPU eBPF VM with llvm JIT/AOT compiler
  ☆71Updated last month
• Pdawg-bytes / UEFIBootKit
  A simple UEFI bootkit made by @NSG650 and me.
  ☆25Updated 5 months ago
• bluedragonsecurity / bds_lkm_ftrace
  Ftrace Based Linux Loadable Kernel Module Rootkit for Linux Kernel 5.x and 6.x on x86_64, hides files, hides process, hides bind shell & …
  ☆19Updated last year
• zodiacon / eBPFStudio
  Work with eBPF on Windows
  ☆37Updated 4 months ago
• redcanaryco / ebpfmon
  ☆88Updated 11 months ago
• 01Xyris / XyrisPack
  x86 packer in masm, process hollowing, remapping ntdll
  ☆10Updated 7 months ago
• sysprog21 / lkm-hidden
  A Linux kernel module which hides itself
  ☆47Updated 3 years ago
• wkz / kmemd
  Explore a live Linux kernel's memory using GDB
  ☆115Updated 2 years ago
• thalium / rkchk
  Rust Linux Kernel Module designed for LKM rootkit detection
  ☆48Updated 3 months ago
• novafacing / cargo-shellcode
  Cargo subcommand to build a crate into shellcode
  ☆24Updated 10 months ago
• SilentVoid13 / Silent_Packer
  An ELF / PE binary packer written in pure C, made for fun
  ☆93Updated last year
• ergrelet / cpplumber
  Static analysis tool based on clang, which detects source-to-binary information leaks in C and C++ projects
  ☆85Updated 2 years ago
• elastic / die-rust
  Native Rust bindings for @horsicq's Detect-It-Easy
  ☆15Updated 5 months ago
• Gui774ume / etrace
  ETrace is a syscall tracing utility powered by eBPF
  ☆25Updated 2 years ago