milabs/kmatryoshka

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/milabs/kmatryoshka)

milabs / kmatryoshka

Matryoshka - stacked LKM loader

☆56

Alternatives and similar repositories for kmatryoshka

Users that are interested in kmatryoshka are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

milabs / khook
View on GitHub
Linux Kernel hooking engine (x86)
☆391Oct 14, 2025Updated 8 months ago
milabs / kmod_hooking
View on GitHub
Kernel function hooking using exception tables
☆28Jun 15, 2018Updated 8 years ago
milabs / kjector
View on GitHub
Code injection from Linux kernel to a process
☆24May 19, 2023Updated 3 years ago
elfmaster / dsym_obfuscate
View on GitHub
Obfuscates dynamic symbol table
☆137Jan 10, 2019Updated 7 years ago
connormcgarr / Shellcode
View on GitHub
Various shellcodes
☆12Sep 1, 2020Updated 5 years ago
GPUs on demand by Runpod - Special Offer Available • Ad
Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
therealdreg / emuhookdetector
View on GitHub
hook detector using emulation and comparing static with dynamic outputs
☆17Aug 11, 2023Updated 2 years ago
HFaeiro / Remote-Admin-Tool
View on GitHub
Simple remote administration tool. Written in c++ and MASM.
☆18May 16, 2018Updated 8 years ago
therealdreg / enyelkm
View on GitHub
LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.
☆86Aug 11, 2023Updated 2 years ago
TheIrwin / 2G_3G
View on GitHub
StingRay / IMSI Catcher Detector
☆13Sep 18, 2018Updated 7 years ago
elfmaster / dt_infect
View on GitHub
ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD
☆111Apr 8, 2020Updated 6 years ago
milabs / stamina
View on GitHub
(Linux Kernel) Stack Monitoring Tool
☆48Jan 31, 2022Updated 4 years ago
vnik5287 / kaslr_tsx_bypass
View on GitHub
Linux kASLR (Intel TSX/RTM) bypass static library
☆76Oct 15, 2017Updated 8 years ago
otavioarj / SIOCTLBF
View on GitHub
Super IOCTL Basic Fuzzer
☆16Sep 22, 2019Updated 6 years ago
vyrus001 / needle
View on GitHub
Shellcode process injector
☆28May 22, 2020Updated 6 years ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
ajgb / crypt-curve25519
View on GitHub
Crypt::Curve25519
☆12Jan 6, 2021Updated 5 years ago
CSLDepend / exploits
View on GitHub
We store attacks and exploits that we've found useful in our research
☆13Jun 4, 2015Updated 11 years ago
ait-aecid / rootkit-detection-ebpf-time-trace
View on GitHub
Detection of rootkit file hiding activities through analysis of shifts in kernel function execution times.
☆29Sep 10, 2025Updated 9 months ago
milabs / kiddy
View on GitHub
Kiddy - (linux) kernel identity spoofer
☆16Mar 18, 2024Updated 2 years ago
0x25bit / darkratPanel
View on GitHub
The Web Controller
☆10Dec 4, 2019Updated 6 years ago
volticks / CVE-2025-21692-poc
View on GitHub
Proof of concept source code and misc files for my CVE-2025-21692 exploit, kernel version 6.6.75
☆40Sep 16, 2025Updated 8 months ago
basharbachir / HostingCLR-Bypass-AMSI-Windows-Defender
View on GitHub
☆11Apr 23, 2019Updated 7 years ago
connormcgarr / Presentations
View on GitHub
☆29Sep 5, 2025Updated 9 months ago
nyx0 / Grum
View on GitHub
The Grum Spam Bot
☆20Feb 25, 2015Updated 11 years ago
Deploy to Railway using AI coding agents - Free Credits Offer • Ad
Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
Nadharm / CoVirt
View on GitHub
A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).
☆39Oct 26, 2025Updated 7 months ago
xcellerator / xcellerator.github.io
View on GitHub
☆13Sep 23, 2023Updated 2 years ago
repnz / autochk-rootkit
View on GitHub
Reverse engineered source code of the autochk rootkit
☆212Nov 1, 2019Updated 6 years ago
rbmm / LIB
View on GitHub
☆10Apr 19, 2026Updated last month
graves / loserland_exec
View on GitHub
Load a DLL from memory
☆34Nov 19, 2021Updated 4 years ago
ioncodes / pooldump
View on GitHub
☆31Jan 12, 2022Updated 4 years ago
karol-gruszczyk / win-rootkit
View on GitHub
☆24Feb 21, 2016Updated 10 years ago
chokepoint / Jynx2
View on GitHub
JynxKit2 is an LD_PRELOAD userland rootkit based on the original JynxKit. The backdoor has been replaced with an "accept()" system hook.
☆182Dec 15, 2012Updated 13 years ago
Allevon412 / ClassicAPIUnhooking
View on GitHub
☆16Nov 23, 2021Updated 4 years ago
End-to-end encrypted cloud storage - Proton Drive • Ad
Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
sam-b / CVE-2014-4113
View on GitHub
Trigger and exploit code for CVE-2014-4113
☆41Feb 14, 2016Updated 10 years ago
yaoyumeng / adore-ng
View on GitHub
linux rootkit adapted for 2.6 and 3.x
☆223Dec 30, 2015Updated 10 years ago
bluedragonsecurity / bds_lkm_ftrace
View on GitHub
Ftrace Based Linux Loadable Kernel Module Rootkit for Linux Kernel 5.x up to linux kernel 6.2 on x86_64, hides files, hides process, hide…
☆39May 14, 2026Updated last month
zionlion67 / rootkit
View on GitHub
Linux kernel module that provides remote backdoor using netfilters , file and pid hiding.
☆11Apr 1, 2017Updated 9 years ago
milabs / awesome-linux-rootkits
View on GitHub
awesome-linux-rootkits
☆2,069Feb 15, 2026Updated 4 months ago
NinnOgTonic / Out-of-Sight-Out-of-Mind-Rootkit
View on GitHub
Rootkit
☆24Nov 15, 2014Updated 11 years ago
mgeeky / HEVD_Kernel_Exploit
View on GitHub
Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.
☆67Oct 24, 2021Updated 4 years ago