LD_PRELOAD rootkit
☆139Feb 29, 2024Updated 2 years ago
Alternatives and similar repositories for Father
Users that are interested in Father are comparing it to the libraries listed below
Sorting:
- Raw socket library/framework for red team events☆33Feb 25, 2023Updated 3 years ago
- Basic Linux binary shim method on the passwd binary from the shadow package to steal credentials as they are changed.☆14Nov 14, 2024Updated last year
- In line function hooking LKM rootkit☆52Mar 5, 2020Updated 6 years ago
- A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.☆36Aug 12, 2023Updated 2 years ago
- Linux Kernel Module Rootkit with module hiding, RCE/reverse shell, and persistence capabilities☆15Feb 23, 2023Updated 3 years ago
- LD_PRELOAD Rootkit☆305Apr 5, 2025Updated 11 months ago
- Taranis NG is an OSINT gathering and analysis tool for CSIRT teams and organisations. It allows team-to-team collaboration, and contains …☆10Oct 17, 2023Updated 2 years ago
- A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…☆135Sep 19, 2021Updated 4 years ago
- ☆12Jun 22, 2022Updated 3 years ago
- The long shadow to emerge as other Git repositories☆18Feb 25, 2026Updated last week
- Golang tool designed to exfiltrate passwords found via the sshd and su services☆26Nov 23, 2025Updated 3 months ago
- Cross-platform RAT, written in C☆88Oct 8, 2022Updated 3 years ago
- Shellcode reflective DLL injection in Rust☆27Dec 26, 2025Updated 2 months ago
- bdvl☆117Feb 26, 2022Updated 4 years ago
- Very Easy Relative Backdoor Application☆14Jun 8, 2021Updated 4 years ago
- Discover DYLD_INSERT_LIBRARIES hijacks on macOS☆45Sep 15, 2022Updated 3 years ago
- Windows Reverse TCP Shell for Hacking and Pentesting☆24Aug 13, 2024Updated last year
- autopwn + deployment☆15Apr 13, 2022Updated 3 years ago
- ☆15May 26, 2021Updated 4 years ago
- An injector that use PT_LOAD technique☆12Nov 27, 2022Updated 3 years ago
- Windows NTLM Authentication Backdoor☆16Jan 27, 2022Updated 4 years ago
- ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD☆112Apr 8, 2020Updated 5 years ago
- An evil bit backdoor for iptables☆55Apr 14, 2021Updated 4 years ago
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,945Apr 7, 2024Updated last year
- Malkom is an extensible and simple similarity graph generator for malware analysis aimed at helping analysts visualize and cluster sets o…☆17Apr 6, 2023Updated 2 years ago
- WIP Post-exploitation framework tailored for hypervisors.☆50Nov 16, 2023Updated 2 years ago
- Incident Notification Platform by @NC3-LU☆11Updated this week
- A C2 post-exploitation framework☆484Jan 24, 2024Updated 2 years ago
- nmap/ndiff based scanner with template based notification system in case of infrastructure changes☆19Feb 16, 2018Updated 8 years ago
- ld_preload userland rootkit☆35Dec 13, 2020Updated 5 years ago
- Extendable Python script handler for automating penetration testing.☆40Mar 3, 2023Updated 3 years ago
- Collection of Slides From My Conference Talks☆20Nov 21, 2022Updated 3 years ago
- PoC of macho loading from memory☆58Nov 18, 2024Updated last year
- ☆37Feb 11, 2023Updated 3 years ago
- Winlogon and LSA Notification Password Filters☆19Jul 11, 2023Updated 2 years ago
- A Simple Linux ELF Runtime Crypter☆271Feb 25, 2025Updated last year
- A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.☆880Mar 21, 2025Updated 11 months ago
- Shell wrapper with keylogger (local log or syslog)☆13Nov 1, 2017Updated 8 years ago
- A security competition scoring system built on the Elastic stack.☆41Dec 11, 2025Updated 2 months ago