Linux Kernel module-less implant (backdoor)
☆73Mar 11, 2021Updated 5 years ago
Alternatives and similar repositories for kopycat
Users that are interested in kopycat are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Code injection from Linux kernel to a process☆24May 19, 2023Updated 2 years ago
- ☆11Jun 4, 2019Updated 6 years ago
- kfile-over-icmp is an LKM for stealth sending of files over ICMP communication.☆18Oct 9, 2020Updated 5 years ago
- Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…☆266Dec 6, 2025Updated 3 months ago
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.☆16Nov 1, 2023Updated 2 years ago
- A LKM (Loadable Kernel Module) to execute a command as root; I include a example of using netcat and a compiled(with source and steps on…☆16Oct 8, 2024Updated last year
- Rootkit spotter - experimental Linux rootkit finder LKM☆30Oct 11, 2020Updated 5 years ago
- A tool to inject C code into ELF64 binaries☆29May 25, 2021Updated 4 years ago
- bdvl☆117Feb 26, 2022Updated 4 years ago
- awesome-linux-rootkits☆2,041Feb 15, 2026Updated last month
- ☆12Jun 22, 2022Updated 3 years ago
- A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…☆135Sep 19, 2021Updated 4 years ago
- Fork of ligolo-ng with exec and service capability☆17Oct 30, 2023Updated 2 years ago
- Linux Kernel hooking engine (x86)☆389Oct 14, 2025Updated 5 months ago
- Base64 Mutator☆13Feb 13, 2021Updated 5 years ago
- a exec jsp shell, simply like weevely php C/S shell.☆14Jun 21, 2022Updated 3 years ago
- dns tunnel C2☆84Jan 18, 2022Updated 4 years ago
- Qubes containerization on Windows☆129Apr 21, 2021Updated 4 years ago
- sudo heap overflow to LPE, in Go☆16Feb 9, 2021Updated 5 years ago
- CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.☆34Dec 19, 2021Updated 4 years ago
- A collection of sample code used in some experiments with Sliver C2☆16Mar 28, 2023Updated 2 years ago
- ebpf covert channel rootkit☆15Feb 6, 2024Updated 2 years ago
- ☆16May 15, 2021Updated 4 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- Network Traffic Fuzzer☆17Dec 28, 2024Updated last year
- ☆35Mar 20, 2021Updated 5 years ago
- 👓 Yet another binary vulnerbilities checker. An automated vulnerability scanner for ELF based on symbolic execution.☆34Nov 7, 2021Updated 4 years ago
- LD_PRELOAD rootkit☆139Feb 29, 2024Updated 2 years ago
- Writing Radare2 plugins in various languages☆18Updated this week
- kunkillable is an LKM that makes userland processes unkillable.☆16Sep 26, 2020Updated 5 years ago
- Fast Windows post-exploitation wins after initial access.☆29Jan 28, 2026Updated last month
- Windows CIFS/SMB packet generation and SMB networking library☆12Aug 25, 2020Updated 5 years ago
- sandbox demo☆11Jan 18, 2024Updated 2 years ago
- The LKM rootkit working in Linux Kernels 2.6.x/3.x/4.x/5.x☆132Aug 8, 2023Updated 2 years ago
- ☆14May 19, 2019Updated 6 years ago
- Show AV Processes list☆15Sep 30, 2020Updated 5 years ago
- An ELF parasite command injector.☆34Oct 24, 2017Updated 8 years ago
- Utility to find hidden Linux kernel modules☆147Jul 21, 2025Updated 8 months ago
- Symbolic execution in radare2 with angr☆39Jul 27, 2021Updated 4 years ago