awesome-linux-rootkits
☆2,041Feb 15, 2026Updated last month
Alternatives and similar repositories for awesome-linux-rootkits
Users that are interested in awesome-linux-rootkits are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)☆2,277Mar 10, 2026Updated last week
- This is the list of all rootkits found so far on github and other sites.☆1,433Aug 29, 2025Updated 6 months ago
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,951Apr 7, 2024Updated last year
- Linux Kernel hooking engine (x86)☆389Oct 14, 2025Updated 5 months ago
- Red-Team LKM☆636Dec 16, 2025Updated 3 months ago
- Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64☆819Apr 7, 2024Updated last year
- Linux Kernel Hacking☆750Apr 10, 2024Updated last year
- Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)☆974Dec 11, 2020Updated 5 years ago
- Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…☆266Dec 6, 2025Updated 3 months ago
- Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.☆2,109Feb 19, 2026Updated last month
- a summary of linux rootkits published on GitHub☆193May 7, 2020Updated 5 years ago
- LibZeroEvil & the Research Rootkit project.☆599Dec 1, 2021Updated 4 years ago
- linux-kernel-exploits Linux平台提权漏洞集合☆5,586Jul 13, 2020Updated 5 years ago
- awesome list of browser exploitation tutorials☆2,270Sep 18, 2023Updated 2 years ago
- A collection of links related to Linux kernel security and exploitation☆6,386Mar 7, 2026Updated 2 weeks ago
- Self‑healing Gossip Mesh C2 with Assisted Peer Discovery, Modular Post‑Exploitation, and OPSEC‑Focused Transport☆1,691Mar 8, 2026Updated 2 weeks ago
- Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)☆1,125Aug 2, 2019Updated 6 years ago
- ebpfkit is a rootkit powered by eBPF☆840Feb 28, 2023Updated 3 years ago
- Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.☆5,518Apr 17, 2025Updated 11 months ago
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.☆1,665Oct 19, 2023Updated 2 years ago
- Open-Source Shellcode & PE Packer☆2,080Feb 3, 2024Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆4,501Jul 8, 2025Updated 8 months ago
- Adversary Emulation Framework☆10,877Updated this week
- Windows rootkit for Intel x64 with 25+ features, demonstrating rootkit techniques compatible with all Windows 10 and Windows 11 versions.☆2,279Feb 15, 2026Updated last month
- Academic project of Linux rootkit made for Bachelor Engineering Thesis.☆118Jul 29, 2024Updated last year
- A curated list of awesome privilege escalation☆1,520Aug 20, 2025Updated 7 months ago
- List of Awesome Advanced Windows Exploitation References☆1,552Jan 13, 2022Updated 4 years ago
- windows kernel security development☆2,055Sep 6, 2022Updated 3 years ago
- Various kernel exploits☆804Mar 14, 2024Updated 2 years ago
- A collection of links related to VMware escape exploits☆1,495Sep 4, 2024Updated last year
- A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on…☆5,780Apr 3, 2024Updated last year
- An LKM rootkit targeting Linux 2.6/3.x on x86(_64), and ARM☆675Nov 21, 2017Updated 8 years ago
- ☆510Nov 21, 2020Updated 5 years ago
- AV/EDR evasion via direct system calls.☆1,999Jan 1, 2023Updated 3 years ago
- Converts PE into a shellcode☆2,752Aug 30, 2025Updated 6 months ago
- ☆2,173Feb 21, 2023Updated 3 years ago
- Linux Kernel module-less implant (backdoor)☆73Mar 11, 2021Updated 5 years ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,740Jan 16, 2026Updated 2 months ago
- Extracting Clear Text Passwords from mstsc.exe using API Hooking.☆1,432Jul 20, 2024Updated last year