Linux Kernel hooking engine (x86)
☆389Oct 14, 2025Updated 5 months ago
Alternatives and similar repositories for khook
Users that are interested in khook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Matryoshka - stacked LKM loader☆54Oct 8, 2023Updated 2 years ago
- awesome-linux-rootkits☆2,041Feb 15, 2026Updated last month
- Code injection from Linux kernel to a process☆24May 19, 2023Updated 2 years ago
- Using ftrace for function hooking in Linux kernel☆297Mar 21, 2021Updated 5 years ago
- Linux Kernel Hacking☆750Apr 10, 2024Updated last year
- In line function hooking LKM rootkit☆52Mar 5, 2020Updated 6 years ago
- LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)☆2,277Mar 10, 2026Updated last week
- Red-Team LKM☆636Dec 16, 2025Updated 3 months ago
- Linux Kernel module-less implant (backdoor)☆73Mar 11, 2021Updated 5 years ago
- A LKM rootkit for most newer kernel versions.☆180Sep 17, 2017Updated 8 years ago
- LibZeroEvil & the Research Rootkit project.☆599Dec 1, 2021Updated 4 years ago
- hook or replace arbitary linux/FreeBSD kernel functions in runtime, supporting arm32, arm64, x86, x86_64, riscv☆220Mar 6, 2026Updated 2 weeks ago
- Kernel function hooking using exception tables☆28Jun 15, 2018Updated 7 years ago
- Kernel mode to user mode so injection☆94Nov 6, 2020Updated 5 years ago
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,949Apr 7, 2024Updated last year
- linux rootkit adapted for 2.6 and 3.x☆222Dec 30, 2015Updated 10 years ago
- An LKM rootkit targeting Linux 2.6/3.x on x86(_64), and ARM☆675Nov 21, 2017Updated 8 years ago
- Rootkit spotter - experimental Linux rootkit finder LKM☆30Oct 11, 2020Updated 5 years ago
- ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)☆138Mar 14, 2018Updated 8 years ago
- Reverse engineered source code of the autochk rootkit☆210Nov 1, 2019Updated 6 years ago
- Dectect syscall hooking using eBPF☆169Apr 28, 2023Updated 2 years ago
- silent syscall hooking without modifying sys_call_table/handlers via patching exception handler☆153Apr 22, 2024Updated last year
- Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…☆266Dec 6, 2025Updated 3 months ago
- A stealthy ELF loader - no files, no execve, no RWX☆174Dec 31, 2023Updated 2 years ago
- Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64☆819Apr 7, 2024Updated last year
- ebpfkit is a rootkit powered by eBPF☆839Feb 28, 2023Updated 3 years ago
- Companion Worm research☆16Nov 8, 2021Updated 4 years ago
- Library for injecting a shared library into a Linux or Windows process☆613Sep 27, 2025Updated 5 months ago
- AES-encrypted TCP/IP swiss army knife.☆11Nov 6, 2022Updated 3 years ago
- out-of-tree kernel {module, exploit} development tool☆230Dec 2, 2024Updated last year
- Linux based inter-process code injection without ptrace(2)☆258Aug 24, 2017Updated 8 years ago
- Hide processes as a normal user in Linux.☆261Jul 10, 2024Updated last year
- ELF Virus infection techniques that work with SCOP (Secure code partitioned) executables☆15May 13, 2019Updated 6 years ago
- A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)☆1,698Mar 16, 2026Updated last week
- Kernel-Mode Rootkit Hunter☆376Nov 13, 2021Updated 4 years ago
- Tool for injecting a shared object into a Linux process☆1,222Feb 23, 2022Updated 4 years ago
- LKM rootkit for Linux Kernels 2.6.x/3.x/4.x☆39May 23, 2019Updated 6 years ago
- A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…☆135Sep 19, 2021Updated 4 years ago
- Пример руткита для ядра линукс 5☆19Dec 4, 2020Updated 5 years ago