Linux Kernel hooking engine (x86)
☆392Oct 14, 2025Updated 7 months ago
Alternatives and similar repositories for khook
Users that are interested in khook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Matryoshka - stacked LKM loader☆56Oct 8, 2023Updated 2 years ago
- awesome-linux-rootkits☆2,067Feb 15, 2026Updated 3 months ago
- Code injection from Linux kernel to a process☆24May 19, 2023Updated 3 years ago
- Using ftrace for function hooking in Linux kernel☆301Mar 21, 2021Updated 5 years ago
- Linux Kernel Hacking☆763Apr 10, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- In line function hooking LKM rootkit☆54Mar 5, 2020Updated 6 years ago
- LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)☆2,358Apr 27, 2026Updated last month
- Red-Team LKM☆642May 31, 2026Updated last week
- A small kernel module that can hook arbitrary syscalls on x86_64☆52Oct 12, 2019Updated 6 years ago
- Linux Kernel module-less implant (backdoor)☆73Mar 11, 2021Updated 5 years ago
- A LKM rootkit for most newer kernel versions.☆178Sep 17, 2017Updated 8 years ago
- LibZeroEvil & the Research Rootkit project.☆601Dec 1, 2021Updated 4 years ago
- hook or replace arbitary linux/FreeBSD kernel functions in runtime, supporting arm32, arm64, x86, x86_64, riscv☆225Updated this week
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,962Apr 7, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Kernel function hooking using exception tables☆28Jun 15, 2018Updated 7 years ago
- linux rootkit adapted for 2.6 and 3.x☆223Dec 30, 2015Updated 10 years ago
- Kernel mode to user mode so injection☆95Nov 6, 2020Updated 5 years ago
- An LKM rootkit targeting Linux 2.6/3.x on x86(_64), and ARM☆679Nov 21, 2017Updated 8 years ago
- Rootkit spotter - experimental Linux rootkit finder LKM☆30Oct 11, 2020Updated 5 years ago
- ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)☆140Mar 14, 2018Updated 8 years ago
- Dectect syscall hooking using eBPF☆169Apr 28, 2023Updated 3 years ago
- Reverse engineered source code of the autochk rootkit☆212Nov 1, 2019Updated 6 years ago
- silent syscall hooking without modifying sys_call_table/handlers via patching exception handler☆155Apr 22, 2024Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…☆270Dec 6, 2025Updated 6 months ago
- Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64☆823Apr 7, 2024Updated 2 years ago
- A stealthy ELF loader - no files, no execve, no RWX☆175Dec 31, 2023Updated 2 years ago
- ebpfkit is a rootkit powered by eBPF☆847Feb 28, 2023Updated 3 years ago
- Companion Worm research☆17Nov 8, 2021Updated 4 years ago
- Library for injecting a shared library into a Linux or Windows process☆617Sep 27, 2025Updated 8 months ago
- AES-encrypted TCP/IP swiss army knife.☆11Nov 6, 2022Updated 3 years ago
- out-of-tree kernel {module, exploit} development tool☆231Dec 2, 2024Updated last year
- Hide processes as a normal user in Linux.☆261Jul 10, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Linux based inter-process code injection without ptrace(2)☆260Aug 24, 2017Updated 8 years ago
- A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)☆1,743Updated this week
- Kernel-Mode Rootkit Hunter☆374Nov 13, 2021Updated 4 years ago
- Tool for injecting a shared object into a Linux process☆1,231Feb 23, 2022Updated 4 years ago
- LKM rootkit for Linux Kernels 2.6.x/3.x/4.x☆40May 23, 2019Updated 7 years ago
- A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…☆134Sep 19, 2021Updated 4 years ago
- Пример руткита для ядра линукс 5☆18Dec 4, 2020Updated 5 years ago