Alternatives and similar repositories for rootkit

Users that are interested in rootkit are comparing it to the libraries listed below

• croemheld / lkm-rootkit
  A LKM rootkit for most newer kernel versions.
  ☆178Updated 8 years ago
• chokepoint / Jynx2
  JynxKit2 is an LD_PRELOAD userland rootkit based on the original JynxKit. The backdoor has been replaced with an "accept()" system hook.
  ☆180Updated 12 years ago
• W3ndige / linux-process-injection
  Proof of concept for injecting simple shellcode via ptrace into a running process.
  ☆72Updated 3 years ago
• elfmaster / skeksi_virus
  Devestating and awesome Linux X86_64 ELF Virus
  ☆233Updated 3 years ago
• tsarpaul / GLORYHook
  The first Linux hooking framework to allow merging two binary files into one!
  ☆96Updated 5 months ago
• tkmru / awesome-linux-rootkits
  a summary of linux rootkits published on GitHub
  ☆182Updated 5 years ago
• En14c / PIvirus
  sample linux x86_64 ELF virus
  ☆53Updated 7 years ago
• therealdreg / enyelkm
  LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.
  ☆87Updated 2 years ago
• elfmaster / saruman
  ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
  ☆138Updated 7 years ago
• maK- / reverse-shell-access-kernel-module
  This is a kernel module invoked reverse shell proof of concept.
  ☆72Updated 6 years ago
• ly4k / CurveBall
  PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)
  ☆890Updated 5 years ago
• zznop / drow
  Injects code into ELF executables post-build
  ☆234Updated last year
• elfmaster / dt_infect
  ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD
  ☆111Updated 5 years ago
• elfmaster / taskverse
  A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes
  ☆58Updated 10 years ago
• AonCyberLabs / Cexigua
  Linux based inter-process code injection without ptrace(2)
  ☆253Updated 8 years ago
• unixist / seccomp-bypass
  Collection of shellcodes that use a variety of syscalls in order to bypass some seccomp configurations
  ☆70Updated 8 years ago
• R3x / linux-rootkits
  A collection of Linux kernel rootkits found across the internet taken and put together
  ☆85Updated 3 years ago
• nccgroup / thetick
  A simple embedded Linux backdoor.
  ☆199Updated 5 years ago
• C0deH4cker / PwnableHarness
  Manage building and deploying exploitation challenges with ease
  ☆59Updated last week
• netspooky / reversi
  Generate very tiny reverse shell binaries for Linux~
  ☆76Updated 5 years ago
• antire-book / antire_book
  Example code from "Programming Linux Anti-Reversing Techniques"
  ☆98Updated 8 years ago
• 0x00pf / 0x00sec_code
  Code for my 0x00sec.org posts
  ☆327Updated 5 years ago
• Eterna1 / puszek-rootkit
  linux rootkit
  ☆162Updated 7 years ago
• dobin / yookiterm-slides
  Exploitation and Mitigation Slides
  ☆132Updated last year
• milabs / kmatryoshka
  Matryoshka - stacked LKM loader
  ☆54Updated 2 years ago
• QuokkaLight / rkduck
  Linux v4.x.x Rootkit
  ☆93Updated last year
• Andromeda1957 / Reversing-Challenges
  Reverse engineering challenges
  ☆52Updated 6 years ago
• duasynt / xfrm_poc
  Linux kernel XFRM UAF poc (3.x - 5.x kernels)
  ☆137Updated 5 years ago
• TowerofHanoi / CTFsubmitter
  A flag submitter service with distributed attackers for attack/defense CTF games.
  ☆73Updated 6 years ago
• xpn / ssh-inject
  A ptrace POC by hooking SSH to reveal provided passwords
  ☆187Updated 8 years ago