Alternatives and similar repositories for rooty:

Users that are interested in rooty are comparing it to the libraries listed below

• reveng007 / reveng_rtkit
  Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…
  ☆247Updated last year
• mav8557 / Father
  LD_PRELOAD rootkit
  ☆131Updated last year
• shogunlab / building-c2-implants-in-cpp
  The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).
  ☆228Updated 4 months ago
• carloslack / KoviD
  Linux kernel rootkit
  ☆342Updated last month
• h3xduck / Umbra
  A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
  ☆123Updated 3 years ago
• connormcgarr / Kernel-Exploits
  Kernel Exploits
  ☆251Updated 3 years ago
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆221Updated last year
• sad0p / d0zer
  Elf binary infector written in Go.
  ☆208Updated 3 months ago
• R3tr074 / brokepkg
  The LKM rootkit working in Linux Kernels 2.6.x/3.x/4.x/5.x
  ☆128Updated last year
• c0de90e7 / GhostWriting
  GhostWriting Injection Technique.
  ☆170Updated 7 years ago
• Error996 / bdvl
  bdvl
  ☆113Updated 3 years ago
• R3x / linux-rootkits
  A collection of Linux kernel rootkits found across the internet taken and put together
  ☆73Updated 2 years ago
• therealdreg / x64dbg-exploiting
  Do you want to use x64dbg instead of immunity debugger? oscp eCPPTv2 buffer overflow exploits pocs
  ☆84Updated last year
• hasherezade / process_overwriting
  Yet another variant of Process Hollowing
  ☆389Updated 2 months ago
• redcode-labs / BMJ
  Code snippets for bare-metal malware development
  ☆98Updated 3 years ago
• sha0coder / mwemu
  x86 malware emulator
  ☆217Updated last month
• uf0o / rootkit-arsenal-guacamole
  An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples
  ☆70Updated 3 years ago
• Andy53 / ERC.Xdbg
  An Xdbg Plugin of the ERC Library.
  ☆176Updated last year
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆110Updated 2 years ago
• compilepeace / EVIL_RABBIT
  -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.
  ☆27Updated 4 years ago
• W3ndige / linux-process-injection
  Proof of concept for injecting simple shellcode via ptrace into a running process.
  ☆69Updated 2 years ago
• SaadAhla / HeapCrypt
  Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap
  ☆239Updated last year
• trustedsec / ELFLoader
  ☆268Updated 2 years ago
• hardenedvault / bootkit-samples
  Bootkit sample for firmware attack
  ☆248Updated 4 months ago
• kymb0 / Malware_learns
  ☆131Updated last year
• croemheld / lkm-rootkit
  A LKM rootkit for most newer kernel versions.
  ☆174Updated 7 years ago
• milabs / kopycat
  Linux Kernel module-less implant (backdoor)
  ☆72Updated 4 years ago
• tkmru / awesome-linux-rootkits
  a summary of linux rootkits published on GitHub
  ☆176Updated 4 years ago
• jeremybeaume / packer-tutorial
  Files for the packer tutorial
  ☆72Updated 4 years ago
• GunshipPenguin / kiteshield
  Packer/Protector for x86-64 ELF binaries on Linux
  ☆147Updated 3 years ago