Alternatives and similar repositories for SLAE

Users that are interested in SLAE are comparing it to the libraries listed below

• chokepoint / Jynx2
  JynxKit2 is an LD_PRELOAD userland rootkit based on the original JynxKit. The backdoor has been replaced with an "accept()" system hook.
  ☆181Updated 13 years ago
• rootfoo / rootkit
  Fully functional but simplified Linux Kernel Module (LKM) Rootkit for educational purposes
  ☆62Updated 6 years ago
• tsarpaul / GLORYHook
  The first Linux hooking framework to allow merging two binary files into one!
  ☆97Updated 7 months ago
• milabs / stamina
  (Linux Kernel) Stack Monitoring Tool
  ☆48Updated 3 years ago
• landhb / DrawBridge
  Layer 4 Single Packet Authentication Linux kernel module utilizing Netfilter hooks and kernel supported Berkeley Packet Filters (BPF)
  ☆118Updated 2 years ago
• NexusBots / Umbreon-Rootkit
  ☆65Updated 9 years ago
• guitmz / memrun
  Small tool to run ELF binaries from memory with a given process name
  ☆171Updated 4 years ago
• therealdreg / lsrootkit
  Rootkit Detector for UNIX
  ☆61Updated 2 years ago
• elfmaster / linker_preloading_virus
  An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
  ☆66Updated 3 years ago
• QuokkaLight / rkduck
  Linux v4.x.x Rootkit
  ☆92Updated last year
• nnedkov / swiss_army_rootkit
  ☆34Updated 9 years ago
• W3ndige / linux-process-injection
  Proof of concept for injecting simple shellcode via ptrace into a running process.
  ☆72Updated 3 years ago
• Srakai / Adun
  A way to backdoor every process
  ☆68Updated 8 years ago
• milabs / kmatryoshka
  Matryoshka - stacked LKM loader
  ☆54Updated 2 years ago
• milabs / lkrg-bypass
  LKRG bypass methods
  ☆73Updated 6 years ago
• nisay759 / linux-rootkits
  My little precious collection of Linux 4.x kernel rootkits
  ☆28Updated last year
• En14c / LilyOfTheValley
  Simple LKM linux kernel rootkit (x86 / x86_64)
  ☆24Updated 5 years ago
• LucaBongiorni / jellyfish
  GPU rootkit PoC by Team Jellyfish
  ☆100Updated 10 years ago
• elfmaster / dt_infect
  ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD
  ☆112Updated 5 years ago
• guitmz / go-liora
  Probably the first binary (PE/ELF) infector ever created in GoLang.
  ☆50Updated 3 years ago
• radareorg / r2pipe-go
  Go API to interact with radare2
  ☆33Updated 2 years ago
• martinclauss / syscall_number
  This tool gives you the Linux system call number (32bit and 64bit x86) for a system call name (e.g., read, write, ...).
  ☆26Updated 2 years ago
• elfmaster / saruman
  ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
  ☆138Updated 7 years ago
• Iansus / hideproc-lkm
  Linux 4.9 Loadable Kernel Module to hide processes from system utilities
  ☆67Updated 7 years ago
• elfmaster / taskverse
  A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes
  ☆58Updated 10 years ago
• therealdreg / enyelkm
  LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.
  ☆87Updated 2 years ago
• linuxthor / rkspotter
  Rootkit spotter - experimental Linux rootkit finder LKM
  ☆30Updated 5 years ago
• jrozner / slipstream
  A server and client implementation to demonstrate and test ALG abuse and perform the NAT slipstream attack described https://www.samy.pl/…
  ☆43Updated 5 years ago
• oblique / elf-infector
  ELF binary infector
  ☆33Updated 14 years ago
• b1ack0wl / DVRF
  The Damn Vulnerable Router Firmware Project
  ☆31Updated 7 years ago