kfiros / execmon
Advanced process execution monitoring utility for linux (procmon like)
☆84Updated 8 years ago
Related projects ⓘ
Alternatives and complementary repositories for execmon
- Heap analysis tooling for ptmalloc☆43Updated 2 years ago
- Using ftrace for function hooking in Linux kernel☆252Updated 3 years ago
- Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)☆184Updated 5 years ago
- ELF packer - x86_64☆71Updated 9 years ago
- a linux kernel function inline hooking library☆28Updated 7 years ago
- ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)☆127Updated 6 years ago
- Transform vmlinuz into a fully debuggable vmlinux that can be used with /proc/kcore☆124Updated last month
- Simple ELF tools written to demonstrate libelfmaster capabilities.☆38Updated 6 years ago
- linux elf injector for x86 x86_64 arm arm64☆316Updated 6 years ago
- sample linux x86_64 ELF virus☆53Updated 6 years ago
- A small kernel module that can hook arbitrary syscalls on x86_64☆47Updated 5 years ago
- Trusted Path Execution (TPE) Linux Kernel Module☆157Updated 5 years ago
- A ptrace library for easy syscall injection in Linux.☆173Updated 4 months ago
- This is the new ftrace (https://github.com/elfmaster/ftrace) - Much faster, better resolution but not complete yet! :)☆106Updated 5 years ago
- ☆62Updated last year
- Linux Rootkit Scanner☆84Updated 2 years ago
- Example of hooking a linux systemcall☆59Updated 6 years ago
- Meltdown/Spectre PoC src collection.☆503Updated 6 years ago
- A Linux kernel module that locates the system call table in memory and hooks uname. Contributions welcome!☆58Updated 11 years ago
- Runtime Prevention of Return-Oriented Programming Attacks☆82Updated 9 years ago
- Linux based inter-process code injection without ptrace(2)☆238Updated 7 years ago
- Rootkit Detector for UNIX☆61Updated last year
- A collection of Linux kernel modules for educational purposes☆38Updated 8 years ago
- ☆46Updated 6 years ago
- ☆59Updated 8 years ago
- Using LibVMI to detect malware☆30Updated 2 years ago
- Tool tracing syscalls in a fast way using eBPF linux kernel feature☆98Updated last year
- Linux kernel rootkit to hide certain files and processes.☆35Updated 10 years ago