khale / elf-hijack
Example of using ELF hacking to inject malicious code into a target binary
☆21Updated 5 years ago
Alternatives and similar repositories for elf-hijack:
Users that are interested in elf-hijack are comparing it to the libraries listed below
- A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).☆29Updated 2 years ago
- PoC for a kernel rootkit☆9Updated 5 years ago
- PPT of my talks.☆11Updated 3 years ago
- Code injector for ELF binaries (incl. PIE)☆27Updated 7 years ago
- hypervisor enforced patch protection for the linux kernel with xen + libvmi, libvmi KASLR offset spoofer☆29Updated 10 months ago
- This repository contains the sources and documentation for the SWAPGS attack PoC (CVE-2019-1125)☆41Updated 5 years ago
- A collection of Linux kernel rootkits found across the internet taken and put together☆73Updated 2 years ago
- Code injection from Linux kernel to a process☆19Updated last year
- Helper script for Linux kernel disassemble or debugging with IDA Pro on VMware + GDB stub (including some symbols helpers)☆36Updated last year
- Experiment with Linux system calls (memfd_create, fexecve, fork...)☆21Updated 5 years ago
- AMD SVM hypervisor rootkit proof of concept☆45Updated last year
- ☆40Updated 3 years ago
- Tool to extract the kallsyms (System.map) from a memory dump☆25Updated last year
- Configure SPI flash write protection.☆23Updated 4 years ago
- Another (bad) ROP gadget finder, but this time in Rust☆18Updated 10 months ago
- Tools for Linux kernel debugging on Bochs (including symbols, native Bochs debugger and IDA PRO)☆31Updated last year
- An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses☆62Updated 3 years ago
- Notes on QEMU and Debian MIPS (big-endian)☆44Updated 6 years ago
- Heap analysis tooling for ptmalloc☆44Updated 2 years ago
- A Linux x86_64 ELF loader in user-space written in Rust☆38Updated 4 years ago
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode☆19Updated last year
- Linux Kernel module-less implant (backdoor)☆72Updated 3 years ago
- Rootkit breaker - experimental Linux anti-rootkit tool based on kprobes☆12Updated 4 years ago
- A small fun project to protect a file from writing using ftrace hooking.☆25Updated 3 years ago
- ☆77Updated last week
- Windows Application Loader Running *.Exe files in Memory against Scrylla☆21Updated 5 years ago
- A collection of software bug types and articles showcasing the hunt for and exploitation of them.☆20Updated 4 years ago
- This is a simple driver with x64 inline assembly☆54Updated 4 years ago
- Linux kernel internals' notes☆19Updated 6 months ago
- clone of armadillo patched for windows☆47Updated 4 months ago