rootfoo / rootkit
Fully functional but simplified Linux Kernel Module (LKM) Rootkit for educational purposes
☆58Updated 5 years ago
Related projects: ⓘ
- Proof of concept for injecting simple shellcode via ptrace into a running process.☆58Updated last year
- Sandbox escape using WinHTTP Web Proxy Auto-Discovery Service☆84Updated 5 years ago
- bdvl☆100Updated 2 years ago
- ELF launcher for encrypted binaries decrypted on-the-fly and executed in memory☆26Updated 4 years ago
- Matryoshka - stacked LKM loader☆50Updated 11 months ago
- The first Linux hooking framework to allow merging two binary files into one!☆96Updated 4 years ago
- LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.☆81Updated last year
- Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.☆217Updated 5 years ago
- This is a kernel module invoked reverse shell proof of concept.☆68Updated 4 years ago
- A functional exploit for CVE-2019-18634, a BSS overflow in sudo's pwfeedback feature that allows for for privesc☆57Updated 4 years ago
- LKRG bypass methods☆69Updated 4 years ago
- Reverse engineering challenges☆50Updated 4 years ago
- Alphanumeric Shellcode (x86) Encoder☆72Updated 2 years ago
- A ptrace POC by hooking SSH to reveal provided passwords☆174Updated 7 years ago
- a pstree mod that prints other helpful information and with added functionality☆23Updated 4 years ago
- A LKM rootkit for most newer kernel versions.☆170Updated 7 years ago
- Binary Golf Library☆62Updated 3 years ago
- exploit-exercises holds my solutions and thoughts on the exercises on exploit-exercises.com☆31Updated 5 years ago
- JynxKit2 is an LD_PRELOAD userland rootkit based on the original JynxKit. The backdoor has been replaced with an "accept()" system hook.☆158Updated 11 years ago
- In line function hooking LKM rootkit☆51Updated 4 years ago
- Linux v4.x.x Rootkit☆86Updated last month
- shell for nasm☆61Updated 4 years ago
- Sandfly Linux Stealth Rootkit Decloaking Utility☆88Updated last year
- This framework enables user to discover JOP gagdets and can automate building a complete JOP chain to bypass DEP. JOP ROCKET is the ultim…☆96Updated 2 weeks ago
- Tool to examine the behaviour of setuid binaries under constrained limits.☆62Updated 3 years ago
- -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.☆26Updated 3 years ago
- Hardcore corruption of my execve() vulnerability in WSL☆214Updated 6 years ago
- An example rootkit that gives a userland process root permissions☆74Updated 4 years ago
- simple shellcode generator☆111Updated 7 years ago
- CLI tool to analyze PE files☆83Updated last year