Alternatives and similar repositories for execmon

Users that are interested in execmon are comparing it to the libraries listed below

• cormander / tpe-lkm
  Trusted Path Execution (TPE) Linux Kernel Module
  ☆163Updated 6 years ago
• kkamagui / shadow-box-for-x86
  Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)
  ☆188Updated 6 years ago
• elfmaster / saruman
  ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
  ☆139Updated 7 years ago
• sebastiencs / Packer_ELF
  ELF packer - x86_64
  ☆73Updated 10 years ago
• honeynet / sebek
  ☆25Updated 12 years ago
• ebradbury / linux-syscall-hooker
  A Linux kernel module that locates the system call table in memory and hooks uname. Contributions welcome!
  ☆57Updated 12 years ago
• cppcoffee / inl_hook
  a linux kernel function inline hooking library
  ☆30Updated 8 years ago
• elfmaster / libelfmaster_examples
  Simple ELF tools written to demonstrate libelfmaster capabilities.
  ☆41Updated 7 years ago
• ixty / mandibule
  linux elf injector for x86 x86_64 arm arm64
  ☆338Updated 7 years ago
• dgoulet / kjackal
  Linux Rootkit Scanner
  ☆87Updated 3 years ago
• jha / linux-kernel-hook
  A small kernel module that can hook arbitrary syscalls on x86_64
  ☆52Updated 6 years ago
• emptymonkey / ptrace_do
  A ptrace library for easy syscall injection in Linux.
  ☆181Updated last year
• En14c / PIvirus
  sample linux x86_64 ELF virus
  ☆53Updated 7 years ago
• milabs / khook
  Linux Kernel hooking engine (x86)
  ☆371Updated last month
• tianweiz07 / Cloud_Integrity
  Using LibVMI to detect malware
  ☆31Updated 3 years ago
• arisada / midgetpack
  midgetpack is a multiplatform secure ELF packer
  ☆208Updated 11 years ago
• ilammy / ftrace-hook
  Using ftrace for function hooking in Linux kernel
  ☆287Updated 4 years ago
• packz / binary-encryption
  Original code about binary encryption from phrack
  ☆72Updated 13 years ago
• KVM-VMI / nitro
  ☆47Updated 7 years ago
• ivanfratric / ropguard
  Runtime Prevention of Return-Oriented Programming Attacks
  ☆82Updated 10 years ago
• bitdefender / libbdvmi
  ☆61Updated 2 years ago
• elfmaster / ecfs
  extended core file snapshot format
  ☆230Updated 6 years ago
• therealdreg / enyelkm
  LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.
  ☆87Updated 2 years ago
• elfmaster / kdress
  Transform vmlinuz into a fully debuggable vmlinux that can be used with /proc/kcore
  ☆132Updated last year
• airbus-seclab / ramooflax
  a bare metal (type 1) VMM (hypervisor) with a python remote control API
  ☆186Updated 7 years ago
• turbo / KPTI-PoC-Collection
  Meltdown/Spectre PoC src collection.
  ☆510Updated 7 years ago
• therealdreg / lsrootkit
  Rootkit Detector for UNIX
  ☆61Updated 2 years ago
• jordan9001 / superhide
  Example of hooking a linux systemcall
  ☆63Updated 7 years ago
• cloudsec / aksp
  Another kernel self protection
  ☆62Updated 5 years ago
• yaoyumeng / adore-ng
  linux rootkit adapted for 2.6 and 3.x
  ☆214Updated 9 years ago