Alternatives and similar repositories for linux-rootkits

Users that are interested in linux-rootkits are comparing it to the libraries listed below

• NexusBots / Umbreon-Rootkit
  ☆65Updated 8 years ago
• milabs / kmatryoshka
  Matryoshka - stacked LKM loader
  ☆53Updated last year
• QuokkaLight / rkduck
  Linux v4.x.x Rootkit
  ☆93Updated last year
• perturbed-platypus / LinooxMalware
  ☆28Updated 6 years ago
• oneNutW0nder / CatTails
  Raw socket library/framework for red team events
  ☆34Updated 2 years ago
• amitwaisel / Malproxy
  Proxy system calls over an RPC channel
  ☆99Updated 3 years ago
• infosecguerrilla / ReflectiveSOInjection
  Reflective SO injection is a library injection technique in which the concept of reflective programming is employed to perform the loadin…
  ☆117Updated 9 years ago
• dsnezhkov / exclave
  ☆16Updated 4 years ago
• ulexec / SHELF-Loading
  Evasive ELF Static PIE User-Land-Exec featured in Tmpout Vol 1.
  ☆28Updated 4 years ago
• jcramb / revshell
  reverse shell with tty emulation, openssl encryption and support for multiple tcp proxies
  ☆28Updated 9 years ago
• t57root / amcsh
  A More Comfortable (remote) SHell with full pty support and both reverse / bindport connection mode.
  ☆30Updated 12 years ago
• linuxthor / rkspotter
  Rootkit spotter - experimental Linux rootkit finder LKM
  ☆30Updated 4 years ago
• maK- / reverse-shell-access-kernel-module
  This is a kernel module invoked reverse shell proof of concept.
  ☆72Updated 5 years ago
• Srakai / Adun
  A way to backdoor every process
  ☆66Updated 7 years ago
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆52Updated 5 years ago
• therealdreg / enyelkm
  LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.
  ☆86Updated 2 years ago
• Iansus / hideproc-lkm
  Linux 4.9 Loadable Kernel Module to hide processes from system utilities
  ☆67Updated 7 years ago
• SafeBreach-Labs / Spooler
  ☆62Updated 5 years ago
• compilepeace / EVIL_RABBIT
  -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.
  ☆28Updated 4 years ago
• 0xN3utr0n / Noteme
  ELF packer/crypter that aims to create hardened and stealthy troyans
  ☆55Updated 3 years ago
• redtimmy / golden-frieza
  ELF launcher for encrypted binaries decrypted on-the-fly and executed in memory
  ☆26Updated 5 years ago
• narhen / procjack
  PoC of injecting code into a running Linux process
  ☆23Updated 6 years ago
• magisterquis / pcapknock
  Watches for trigger packets, runs commands or spawns a shell
  ☆24Updated 6 years ago
• RITRedteam / Headshot
  NGINX module to allow for RCE through a specific header
  ☆27Updated 2 years ago
• tyranid / DeviceGuardBypasses
  A repository of some of my Windows 10 Device Guard Bypasses
  ☆139Updated 8 years ago
• xpn / ssh-inject
  A ptrace POC by hooking SSH to reveal provided passwords
  ☆186Updated 8 years ago
• d00rt / ebfuscator
  Ebfuscator: Abusing system errors for binary obfuscation
  ☆52Updated 5 years ago
• En14c / Erebus
  Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster
  ☆30Updated 5 years ago
• tsarpaul / GLORYHook
  The first Linux hooking framework to allow merging two binary files into one!
  ☆96Updated 4 months ago
• buffermet / sewers
  Modular rootkit framework.
  ☆30Updated 4 years ago