Alternatives and similar repositories for linux-rootkits

Users that are interested in linux-rootkits are comparing it to the libraries listed below

• NexusBots / Umbreon-Rootkit
  ☆65Updated 9 years ago
• milabs / kmatryoshka
  Matryoshka - stacked LKM loader
  ☆54Updated 2 years ago
• perturbed-platypus / LinooxMalware
  ☆28Updated 6 years ago
• oneNutW0nder / CatTails
  Raw socket library/framework for red team events
  ☆34Updated 2 years ago
• seifreed / awesome-sandbox-evasion
  A summary about different projects/presentations/tools to test how to evade malware sandbox systems
  ☆55Updated 7 years ago
• t57root / amcsh
  A More Comfortable (remote) SHell with full pty support and both reverse / bindport connection mode.
  ☆30Updated 12 years ago
• jackson5sec / ShimDB
  Shim database persistence (Fin7 TTP)
  ☆37Updated 5 years ago
• dsnezhkov / exclave
  ☆16Updated 4 years ago
• jcramb / revshell
  reverse shell with tty emulation, openssl encryption and support for multiple tcp proxies
  ☆28Updated 9 years ago
• QuokkaLight / rkduck
  Linux v4.x.x Rootkit
  ☆92Updated last year
• magisterquis / pcapknock
  Watches for trigger packets, runs commands or spawns a shell
  ☆26Updated 6 years ago
• therealdreg / enyelkm
  LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.
  ☆87Updated 2 years ago
• wumb0 / watershell
  Run commands on linux through those pesky firewalls
  ☆28Updated 10 years ago
• Srakai / Adun
  A way to backdoor every process
  ☆68Updated 8 years ago
• nnedkov / swiss_army_rootkit
  ☆34Updated 9 years ago
• m0nad / PSG
  "Polymorphic" shellcode generator (x86)
  ☆25Updated 11 years ago
• amitwaisel / Malproxy
  Proxy system calls over an RPC channel
  ☆99Updated 3 years ago
• djhohnstein / ProcessReimaging
  Process reimaging proof of concept code
  ☆97Updated 6 years ago
• zeroSteiner / reflective-polymorphism
  Reflective Polymorphism
  ☆109Updated 7 years ago
• tyranid / DeviceGuardBypasses
  A repository of some of my Windows 10 Device Guard Bypasses
  ☆139Updated 8 years ago
• SafeBreach-Labs / Spooler
  ☆62Updated 5 years ago
• NtRaiseHardError / Kaiser
  Fileless persistence, attacks and anti-forensic capabilties.
  ☆93Updated 7 years ago
• Iansus / hideproc-lkm
  Linux 4.9 Loadable Kernel Module to hide processes from system utilities
  ☆67Updated 7 years ago
• threatexpress / subshell
  SubShell is a python command shell used to control and execute commands through HTTP requests to a webshell. SubShell acts as the interfa…
  ☆75Updated 9 years ago
• 0xN3utr0n / Noteme
  ELF packer/crypter that aims to create hardened and stealthy troyans
  ☆57Updated 4 years ago
• narhen / procjack
  PoC of injecting code into a running Linux process
  ☆23Updated 6 years ago
• panagioto / Mimir
  A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…
  ☆45Updated 4 years ago
• xorrior / poseidon
  Apfell Golang macOS/Linux/Windows implant
  ☆89Updated 4 years ago
• stephenbradshaw / shellcode
  Various shell code I have written
  ☆18Updated 5 years ago
• HexHive / malWASH
  ☆116Updated 9 years ago