Alternatives and similar repositories for SLAE

Users that are interested in SLAE are comparing it to the libraries listed below

• rootfoo / rootkit
  Fully functional but simplified Linux Kernel Module (LKM) Rootkit for educational purposes
  ☆62Updated 6 years ago
• elfmaster / taskverse
  A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes
  ☆58Updated 10 years ago
• chokepoint / Jynx2
  JynxKit2 is an LD_PRELOAD userland rootkit based on the original JynxKit. The backdoor has been replaced with an "accept()" system hook.
  ☆179Updated 12 years ago
• tsarpaul / GLORYHook
  The first Linux hooking framework to allow merging two binary files into one!
  ☆96Updated 4 months ago
• QuokkaLight / rkduck
  Linux v4.x.x Rootkit
  ☆93Updated last year
• b1ack0wl / DVRF
  The Damn Vulnerable Router Firmware Project
  ☆31Updated 7 years ago
• oblique / elf-infector
  ELF binary infector
  ☆33Updated 14 years ago
• milabs / stamina
  (Linux Kernel) Stack Monitoring Tool
  ☆47Updated 3 years ago
• elfmaster / saruman
  ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
  ☆138Updated 7 years ago
• nnedkov / swiss_army_rootkit
  ☆33Updated 9 years ago
• NexusBots / Umbreon-Rootkit
  ☆65Updated 8 years ago
• landhb / DrawBridge
  Layer 4 Single Packet Authentication Linux kernel module utilizing Netfilter hooks and kernel supported Berkeley Packet Filters (BPF)
  ☆115Updated 2 years ago
• milabs / kmatryoshka
  Matryoshka - stacked LKM loader
  ☆53Updated 2 years ago
• d0c-s4vage / narly
  Automatically exported from code.google.com/p/narly
  ☆24Updated 4 years ago
• taviso / scanlimits
  Tool to examine the behaviour of setuid binaries under constrained limits.
  ☆61Updated 4 years ago
• kholia / mips-hacking
  Notes on QEMU and Debian MIPS (big-endian)
  ☆45Updated 6 years ago
• Iansus / hideproc-lkm
  Linux 4.9 Loadable Kernel Module to hide processes from system utilities
  ☆67Updated 7 years ago
• linuxthor / rkspotter
  Rootkit spotter - experimental Linux rootkit finder LKM
  ☆30Updated 5 years ago
• En14c / Erebus
  Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster
  ☆30Updated 5 years ago
• milabs / lkrg-bypass
  LKRG bypass methods
  ☆73Updated 5 years ago
• jollheef / rootkiticide
  0-ring rootkit revealer for Linux
  ☆28Updated 6 years ago
• martinclauss / syscall_number
  This tool gives you the Linux system call number (32bit and 64bit x86) for a system call name (e.g., read, write, ...).
  ☆26Updated last year
• radareorg / r2pipe-go
  Go API to interact with radare2
  ☆33Updated last year
• therealdreg / enyelkm
  LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.
  ☆87Updated 2 years ago
• therealdreg / lsrootkit
  Rootkit Detector for UNIX
  ☆61Updated 2 years ago
• dpl0 / phrack
  Copy of the contents at phrack.com
  ☆40Updated 6 months ago
• ForensicITGuy / libpreloadvaccine
  Whitelisting LD_PRELOAD libraries using LD_AUDIT
  ☆63Updated 3 years ago
• gipi / low-level
  As near as possible to bare metal
  ☆48Updated 3 months ago
• R3x / linux-rootkits
  A collection of Linux kernel rootkits found across the internet taken and put together
  ☆85Updated 3 years ago
• Ganapati / firmflaws
  Firmware analysis website + API
  ☆43Updated 5 years ago