khale / elf-hijack
Example of using ELF hacking to inject malicious code into a target binary
☆22Updated 5 years ago
Alternatives and similar repositories for elf-hijack:
Users that are interested in elf-hijack are comparing it to the libraries listed below
- hypervisor enforced patch protection for the linux kernel with xen + libvmi, libvmi KASLR offset spoofer☆31Updated last year
- LLVM pass that obfuscates against symbolic execution☆75Updated 6 years ago
- CreateRemoteThread for Linux☆38Updated 5 years ago
- Helper script for Linux kernel disassemble or debugging with IDA Pro on VMware + GDB stub (including some symbols helpers)☆36Updated last year
- A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).☆29Updated 2 years ago
- ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD☆110Updated 5 years ago
- An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses☆64Updated 3 years ago
- Experiment with Linux system calls (memfd_create, fexecve, fork...)☆22Updated 6 years ago
- x86/x64 architecture plugin☆39Updated last year
- A Linux x86_64 ELF loader in user-space written in Rust☆38Updated 4 years ago
- My notes about Genyatyk VM crackme☆26Updated 4 years ago
- An API Monitor based on Instrumentation☆43Updated 7 years ago
- A collection of tools, source code, and papers researching Windows' implementation of CET.☆82Updated 4 years ago
- Playing with LLVM passes☆36Updated last year
- Another (bad) ROP gadget finder, but this time in Rust☆20Updated last year
- IDA plugin to explore and browse tags☆54Updated 5 years ago
- AMD64 PE Emulator in Python.☆84Updated last year
- CVE-2020-0890 | Windows Hyper-V Denial of Service Vulnerability proof-of-concept code☆36Updated 4 years ago
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode☆19Updated last year
- VSCode dark theme for IDA 7.3☆28Updated 4 years ago
- RetDec plugin for LLDB. RetDec is a retargetable machine-code decompiler based on LLVM.☆63Updated last year
- KVM Virtual Machine Introspection Library☆46Updated last year
- VMX intrinsics plugin for Hex-Rays decompiler☆70Updated 5 years ago
- binary ninja related code☆35Updated last month
- Encrypts 64-bit elf files that decrypt at runtime.☆32Updated last month
- Collection of IDA Pro/Hex-Rays configs, scripts, and plugins☆23Updated 5 years ago
- A collection of Linux kernel rootkits found across the internet taken and put together☆73Updated 2 years ago
- Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster☆29Updated 5 years ago
- IDA Pro Python plugin to analyze and annotate Linux kernel alternatives☆23Updated 3 years ago
- clone of armadillo patched for windows☆47Updated 6 months ago