linuxthor/rkspotter

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/linuxthor/rkspotter)

linuxthor / rkspotter

Rootkit spotter - experimental Linux rootkit finder LKM

☆30

Alternatives and similar repositories for rkspotter

Users that are interested in rkspotter are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

linuxthor / rkbreaker
View on GitHub
Rootkit breaker - experimental Linux anti-rootkit tool based on kprobes
☆12Sep 30, 2020Updated 5 years ago
mthbernardes / givemeroot
View on GitHub
LKM Rootkit based on Diamorphine
☆15Oct 31, 2018Updated 7 years ago
XShar / rootkit_for_linux_kernel_5
View on GitHub
Пример руткита для ядра линукс 5
☆18Dec 4, 2020Updated 5 years ago
ksen-lin / nitara2
View on GitHub
yet another hidden LKM hunter
☆33Sep 18, 2025Updated 8 months ago
unweb / plown
View on GitHub
Security scanner tool for Plone CMS.
☆19May 14, 2012Updated 14 years ago
Wordpress hosting with auto-scaling - Free Trial Offer • Ad
Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
R3tr074 / brokepkg
View on GitHub
The LKM rootkit working in Linux Kernels 2.6.x/3.x/4.x/5.x
☆138Aug 8, 2023Updated 2 years ago
474172261 / wctf_vm_escape_virtualHole
View on GitHub
This is a ctf challenge for qemu escape, it's basic and normal, but there is a thinking trap in it, you may need some time to find out th…
☆10Mar 28, 2024Updated 2 years ago
lumontec / lsmtrace
View on GitHub
Trace deep kernel events through eBPF and lsm hooks
☆44Feb 9, 2021Updated 5 years ago
m0hamed / lkm-rootkit
View on GitHub
A rootkit implemented as a linux kernel module
☆18May 2, 2015Updated 11 years ago
En14c / LilyOfTheValley
View on GitHub
Simple LKM linux kernel rootkit (x86 / x86_64)
☆24Jun 16, 2020Updated 5 years ago
NinnOgTonic / Out-of-Sight-Out-of-Mind-Rootkit
View on GitHub
Rootkit
☆24Nov 15, 2014Updated 11 years ago
carloslack / KoviD
View on GitHub
Red-Team LKM
☆642May 31, 2026Updated last week
milabs / kiddy
View on GitHub
Kiddy - (linux) kernel identity spoofer
☆16Mar 18, 2024Updated 2 years ago
edxsh / CVE-2019-5782_CVE-2019-13768
View on GitHub
Full chain Chrome 71.0.3578.98 exploit
☆21Jul 18, 2021Updated 4 years ago
Deploy to Railway using AI coding agents - Free Credits Offer • Ad
Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
hasherezade / 7ev3n_decoders
View on GitHub
Decoders for 7ev3n ransomware
☆17Oct 24, 2016Updated 9 years ago
pathtofile / bpf-hookdetect
View on GitHub
Dectect syscall hooking using eBPF
☆169Apr 28, 2023Updated 3 years ago
jollheef / rootkiticide
View on GitHub
0-ring rootkit revealer for Linux
☆29Sep 5, 2019Updated 6 years ago
elfmaster / dsym_obfuscate
View on GitHub
Obfuscates dynamic symbol table
☆137Jan 10, 2019Updated 7 years ago
h3xduck / Umbra
View on GitHub
A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
☆134Sep 19, 2021Updated 4 years ago
evilsocket / dunmer
View on GitHub
An ELF parasite command injector.
☆33Oct 24, 2017Updated 8 years ago
darrenmartyn / misc_utils
View on GitHub
misc scripts/utils that I've written that aren't deserving of own repos.
☆14Aug 18, 2021Updated 4 years ago
milabs / kopycat
View on GitHub
Linux Kernel module-less implant (backdoor)
☆73Mar 11, 2021Updated 5 years ago
elfmaster / linker_preloading_virus
View on GitHub
An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
☆67Feb 24, 2022Updated 4 years ago
Deploy on Railway without the complexity - Free Credits Offer • Ad
Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
elfmaster / dt_infect
View on GitHub
ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD
☆111Apr 8, 2020Updated 6 years ago
fuweid / failpoint-bpf
View on GitHub
☆16Mar 13, 2024Updated 2 years ago
nisay759 / linux-rootkits
View on GitHub
My little precious collection of Linux 4.x kernel rootkits
☆29Jul 27, 2024Updated last year
django-security-tutorials / hands-on-web-security-slides
View on GitHub
Website for a Django-based Web Security Tutorial
☆14Sep 22, 2019Updated 6 years ago
asuar078 / raisin
View on GitHub
Reverse shell and rootkit
☆20Apr 28, 2017Updated 9 years ago
kovdan01 / proc-integrity
View on GitHub
Simple process integrity checker Linux kernel module
☆15Dec 3, 2020Updated 5 years ago
dk47os3r / SpringMemShell
View on GitHub
Spring内存马检测和隐形马研究
☆15Nov 28, 2021Updated 4 years ago
edwardcwang / chisel-template-lite
View on GitHub
Lightweight Chisel template
☆13May 30, 2020Updated 6 years ago
zj1244 / kprobe_hook
View on GitHub
使用kprobe获取sys_execve参数
☆12Nov 22, 2018Updated 7 years ago
Wordpress hosting with auto-scaling - Free Trial Offer • Ad
Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
ivision-research / gostringsr2
View on GitHub
Find strings in Go binaries
☆55Sep 16, 2019Updated 6 years ago
Rhydon1337 / linux-kernel-ata-sniffer
View on GitHub
ATA command sniffer for Linux
☆21Dec 18, 2020Updated 5 years ago
driverxdw / Kprobe-hooker
View on GitHub
Use kprobe capture common kernel event and can also use for hids agent（kernel module）
☆10Nov 28, 2023Updated 2 years ago
mgrube / DragonKing
View on GitHub
Open Source Rootkit
☆22Jul 28, 2017Updated 8 years ago
wg / keys
View on GitHub
Secure credential storage
☆32Jun 13, 2015Updated 10 years ago
stealth / injectso
View on GitHub
ELF DSO injector
☆72Jun 23, 2025Updated 11 months ago
0xdea / raptor_infiltrate19
View on GitHub
#INFILTRATE19 raptor's party pack.
☆33Nov 10, 2025Updated 7 months ago