rootfoo / rootkit

Related projects ⓘ

Alternatives and complementary repositories for rootkit

• chokepoint / Jynx2
  JynxKit2 is an LD_PRELOAD userland rootkit based on the original JynxKit. The backdoor has been replaced with an "accept()" system hook.
  ☆159Updated 11 years ago
• W3ndige / linux-process-injection
  Proof of concept for injecting simple shellcode via ptrace into a running process.
  ☆61Updated 2 years ago
• croemheld / lkm-rootkit
  A LKM rootkit for most newer kernel versions.
  ☆169Updated 7 years ago
• therealdreg / enyelkm
  LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.
  ☆82Updated last year
• milabs / kmatryoshka
  Matryoshka - stacked LKM loader
  ☆50Updated last year
• xpn / ssh-inject
  A ptrace POC by hooking SSH to reveal provided passwords
  ☆180Updated 7 years ago
• therealdreg / lsrootkit
  Rootkit Detector for UNIX
  ☆61Updated last year
• Error996 / bdvl
  bdvl
  ☆109Updated 2 years ago
• d3npa / freebsd-rootkits
  Exercises from Designing BSD Rootkits working in 2020 with FreeBSD 12.2
  ☆45Updated 2 years ago
• netspooky / reversi
  Generate very tiny reverse shell binaries for Linux~
  ☆74Updated 4 years ago
• elfmaster / dt_infect
  ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD
  ☆109Updated 4 years ago
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆51Updated 4 years ago
• QuokkaLight / rkduck
  Linux v4.x.x Rootkit
  ☆86Updated 3 months ago
• milabs / lkrg-bypass
  LKRG bypass methods
  ☆71Updated 4 years ago
• compilepeace / EVIL_RABBIT
  -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform.
  ☆26Updated 3 years ago
• maK- / reverse-shell-access-kernel-module
  This is a kernel module invoked reverse shell proof of concept.
  ☆71Updated 5 years ago
• infosecguerrilla / ReflectiveSOInjection
  Reflective SO injection is a library injection technique in which the concept of reflective programming is employed to perform the loadin…
  ☆113Updated 8 years ago
• h0mbre / busychild
  a pstree mod that prints other helpful information and with added functionality
  ☆24Updated 4 years ago
• PinkP4nther / Sutekh
  An example rootkit that gives a userland process root permissions
  ☆76Updated 5 years ago
• tsarpaul / GLORYHook
  The first Linux hooking framework to allow merging two binary files into one!
  ☆95Updated 4 years ago
• redtimmy / golden-frieza
  ELF launcher for encrypted binaries decrypted on-the-fly and executed in memory
  ☆26Updated 4 years ago
• droberson / icmp-backdoor
  Backdoor that listens for specially crafted ICMP packets and spawns reverse shells.
  ☆67Updated 4 years ago
• Plazmaz / CVE-2019-18634
  A functional exploit for CVE-2019-18634, a BSS overflow in sudo's pwfeedback feature that allows for for privesc
  ☆57Updated 4 years ago
• elfmaster / taskverse
  A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes
  ☆57Updated 9 years ago
• xcellerator / libgolf
  Binary Golf Library
  ☆62Updated 3 years ago
• dgoulet / kjackal
  Linux Rootkit Scanner
  ☆85Updated 2 years ago
• chokepoint / jynxkit
  JynxKit is an LD_PRELOAD userland rootkit for Linux systems with reverse connection SSL backdoor
  ☆56Updated 11 years ago
• renorobert / virtualbox-cve-2018-2844
  ☆100Updated 6 years ago
• Eterna1 / puszek-rootkit
  linux rootkit
  ☆156Updated 6 years ago
• rootkiter / phrack
  www.phrack.org
  ☆71Updated last year