milabs / kjectorLinks
Code injection from Linux kernel to a process
☆21Updated 2 years ago
Alternatives and similar repositories for kjector
Users that are interested in kjector are comparing it to the libraries listed below
Sorting:
- yet another hidden LKM hunter☆23Updated last year
- Evasive ELF Static PIE User-Land-Exec featured in Tmpout Vol 1.☆28Updated 3 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆72Updated last year
- call gates as stable comunication channel for NT x86 and Linux x86_64☆32Updated last year
- A few examples of how to trap virtual memory access on Windows.☆31Updated 6 months ago
- Linux Kernel module-less implant (backdoor)☆73Updated 4 years ago
- Report and exploit of CVE-2023-36427☆90Updated last year
- hypervisor enforced patch protection for the linux kernel with xen + libvmi, libvmi KASLR offset spoofer☆33Updated last year
- Michelangelo REanimator bootkit and REcon 2023 talk slides/materials☆30Updated last year
- AMD SVM hypervisor rootkit proof of concept☆46Updated last year
- Kernel Read Write Execute☆84Updated 9 months ago
- Custom instruction length for hex-rays☆18Updated 5 months ago
- PEIM (UEFI) bootkit targeting OVMF (EDK2)☆35Updated last year
- Rootkit spotter - experimental Linux rootkit finder LKM☆30Updated 4 years ago
- A UEFI extraction tool☆18Updated 7 months ago
- An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses☆66Updated 3 years ago
- In line function hooking LKM rootkit☆51Updated 5 years ago
- PoC for obfuscating the dynamic symbol table injecting a custom Hash Table to do symbol resolution☆29Updated 4 years ago
- ELF binary forensics tool for APT, virus, backdoor and rootkit detection☆48Updated 7 months ago
- Breaking Secure Boot with SMM☆41Updated 3 years ago
- Binary Ninja plugin to deobfuscate strings obfuscated with the Garble project☆24Updated 3 months ago
- A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.☆38Updated 3 years ago
- ☆40Updated 4 years ago
- SPI flash read MitM attack PoC☆38Updated 3 years ago
- NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection☆30Updated last year
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode☆19Updated last year
- Linux rootkit for educational purposes☆31Updated last year
- A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).☆29Updated 3 years ago
- Ftrace Based Linux Loadable Kernel Module Rootkit for Linux Kernel 5.x and 6.x on x86_64, hides files, hides process, hides bind shell & …☆19Updated last year
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year