awesome-linux-rootkits
☆2,032Feb 15, 2026Updated 2 weeks ago
Alternatives and similar repositories for awesome-linux-rootkits
Users that are interested in awesome-linux-rootkits are comparing it to the libraries listed below
Sorting:
- LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)☆2,264Jan 24, 2026Updated last month
- This is the list of all rootkits found so far on github and other sites.☆1,427Aug 29, 2025Updated 6 months ago
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,945Apr 7, 2024Updated last year
- Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64☆818Apr 7, 2024Updated last year
- Linux Kernel hooking engine (x86)☆387Oct 14, 2025Updated 4 months ago
- Red-Team LKM☆637Dec 16, 2025Updated 2 months ago
- Linux Kernel Hacking☆750Apr 10, 2024Updated last year
- Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)☆971Dec 11, 2020Updated 5 years ago
- Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.☆2,101Feb 19, 2026Updated last week
- awesome list of browser exploitation tutorials☆2,267Sep 18, 2023Updated 2 years ago
- linux-kernel-exploits Linux平台提权漏洞集合☆5,576Jul 13, 2020Updated 5 years ago
- Self‑healing Gossip Mesh C2 with Assisted Peer Discovery, Modular Post‑Exploitation, and OPSEC‑Focused Transport☆1,689Updated this week
- A collection of links related to Linux kernel security and exploitation☆6,353Jan 26, 2026Updated last month
- Open-Source Shellcode & PE Packer☆2,069Feb 3, 2024Updated 2 years ago
- Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…☆267Dec 6, 2025Updated 2 months ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆4,470Jul 8, 2025Updated 7 months ago
- LibZeroEvil & the Research Rootkit project.☆600Dec 1, 2021Updated 4 years ago
- Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.☆5,504Apr 17, 2025Updated 10 months ago
- List of Awesome Advanced Windows Exploitation References☆1,548Jan 13, 2022Updated 4 years ago
- Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)☆1,121Aug 2, 2019Updated 6 years ago
- a summary of linux rootkits published on GitHub☆192May 7, 2020Updated 5 years ago
- ebpfkit is a rootkit powered by eBPF☆838Feb 28, 2023Updated 3 years ago
- Adversary Emulation Framework☆10,759Updated this week
- A curated list of awesome privilege escalation☆1,514Aug 20, 2025Updated 6 months ago
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.☆1,662Oct 19, 2023Updated 2 years ago
- AV/EDR evasion via direct system calls.☆1,990Jan 1, 2023Updated 3 years ago
- windows kernel security development☆2,057Sep 6, 2022Updated 3 years ago
- Various kernel exploits☆803Mar 14, 2024Updated last year
- A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on…☆5,762Apr 3, 2024Updated last year
- A collection of links related to VMware escape exploits☆1,494Sep 4, 2024Updated last year
- Converts PE into a shellcode☆2,745Aug 30, 2025Updated 6 months ago
- Red Teaming Tactics and Techniques☆4,495Aug 22, 2024Updated last year
- Extracting Clear Text Passwords from mstsc.exe using API Hooking.☆1,426Jul 20, 2024Updated last year
- Nidhogg is an all-in-one simple to use windows kernel rootkit.☆2,274Feb 15, 2026Updated 2 weeks ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,727Jan 16, 2026Updated last month
- ☆2,168Feb 21, 2023Updated 3 years ago
- Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability detai…☆3,189Feb 15, 2023Updated 3 years ago
- ☆508Nov 21, 2020Updated 5 years ago
- Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.☆6,861Feb 1, 2026Updated last month