Alternatives and similar repositories for rootkit

Users that are interested in rootkit are comparing it to the libraries listed below

• croemheld / lkm-rootkit
  A LKM rootkit for most newer kernel versions.
  ☆175Updated 7 years ago
• milabs / kmatryoshka
  Matryoshka - stacked LKM loader
  ☆52Updated last year
• xpn / ssh-inject
  A ptrace POC by hooking SSH to reveal provided passwords
  ☆181Updated 8 years ago
• infosecguerrilla / ReflectiveSOInjection
  Reflective SO injection is a library injection technique in which the concept of reflective programming is employed to perform the loadin…
  ☆116Updated 8 years ago
• W3ndige / linux-process-injection
  Proof of concept for injecting simple shellcode via ptrace into a running process.
  ☆69Updated 2 years ago
• elfmaster / dt_infect
  ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD
  ☆110Updated 5 years ago
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆51Updated 5 years ago
• dsnezhkov / zombieant
  Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.
  ☆225Updated 5 years ago
• pentesteracademy / linux-rootkits-red-blue-teams
  Linux Rootkits (4.x Kernel)
  ☆82Updated 3 years ago
• Error996 / bdvl
  bdvl
  ☆113Updated 3 years ago
• therealdreg / enyelkm
  LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.
  ☆86Updated last year
• Andromeda1957 / Reversing-Challenges
  Reverse engineering challenges
  ☆50Updated 5 years ago
• chokepoint / Jynx2
  JynxKit2 is an LD_PRELOAD userland rootkit based on the original JynxKit. The backdoor has been replaced with an "accept()" system hook.
  ☆172Updated 12 years ago
• saaramar / execve_exploit
  Hardcore corruption of my execve() vulnerability in WSL
  ☆215Updated 7 years ago
• hellosputnik / exploit-exercises
  exploit-exercises holds my solutions and thoughts on the exercises on exploit-exercises.com
  ☆31Updated 6 years ago
• QuokkaLight / rkduck
  Linux v4.x.x Rootkit
  ☆90Updated 9 months ago
• mandiant / flare-kscldr
  FLARE Kernel Shellcode Loader
  ☆177Updated 6 years ago
• hacksysteam / WpadEscape
  Sandbox escape using WinHTTP Web Proxy Auto-Discovery Service
  ☆85Updated 5 years ago
• ivision-research / gostringsr2
  Find strings in Go binaries
  ☆53Updated 5 years ago
• unixist / seccomp-bypass
  Collection of shellcodes that use a variety of syscalls in order to bypass some seccomp configurations
  ☆71Updated 8 years ago
• milabs / lkrg-bypass
  LKRG bypass methods
  ☆72Updated 5 years ago
• d3npa / freebsd-rootkits
  Exercises from Designing BSD Rootkits working in 2020 with FreeBSD 12.2
  ☆47Updated 2 years ago
• 0x00-0x00 / Shellkiller
  A killer reverse-shell script that is able to use a lot of techniques to ensure your shell will pop back to you.
  ☆28Updated 7 years ago
• Plazmaz / CVE-2019-18634
  A functional exploit for CVE-2019-18634, a BSS overflow in sudo's pwfeedback feature that allows for for privesc
  ☆58Updated 5 years ago
• ChrisTheCoolHut / Linux_kernel_exploitation
  https://breaking-bits.gitbook.io/breaking-bits/exploit-development/linux-kernel-exploit-development
  ☆44Updated 3 years ago
• renorobert / virtualbox-cve-2018-2844
  ☆99Updated 6 years ago
• maK- / reverse-shell-access-kernel-module
  This is a kernel module invoked reverse shell proof of concept.
  ☆72Updated 5 years ago
• vulnwarex / bin2sc
  Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF
  ☆73Updated 4 years ago
• linuxthor / rkspotter
  Rootkit spotter - experimental Linux rootkit finder LKM
  ☆29Updated 4 years ago
• dobin / yookiterm-slides
  Exploitation and Mitigation Slides
  ☆128Updated 11 months ago