Alternatives and similar repositories for rootkit

Users that are interested in rootkit are comparing it to the libraries listed below

• croemheld / lkm-rootkit
  A LKM rootkit for most newer kernel versions.
  ☆180Updated 8 years ago
• chokepoint / Jynx2
  JynxKit2 is an LD_PRELOAD userland rootkit based on the original JynxKit. The backdoor has been replaced with an "accept()" system hook.
  ☆181Updated 13 years ago
• therealdreg / enyelkm
  LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.
  ☆87Updated 2 years ago
• QuokkaLight / rkduck
  Linux v4.x.x Rootkit
  ☆92Updated last year
• elfmaster / skeksi_virus
  Devestating and awesome Linux X86_64 ELF Virus
  ☆234Updated 3 years ago
• elfmaster / saruman
  ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
  ☆138Updated 7 years ago
• nccgroup / thetick
  A simple embedded Linux backdoor.
  ☆199Updated 5 years ago
• xpn / ssh-inject
  A ptrace POC by hooking SSH to reveal provided passwords
  ☆188Updated 8 years ago
• saaramar / execve_exploit
  Hardcore corruption of my execve() vulnerability in WSL
  ☆217Updated 7 years ago
• tkmru / awesome-linux-rootkits
  a summary of linux rootkits published on GitHub
  ☆192Updated 5 years ago
• 0x00pf / 0x00sec_code
  Code for my 0x00sec.org posts
  ☆329Updated 5 years ago
• netspooky / reversi
  Generate very tiny reverse shell binaries for Linux~
  ☆76Updated 5 years ago
• En14c / PIvirus
  sample linux x86_64 ELF virus
  ☆54Updated 7 years ago
• tsarpaul / GLORYHook
  The first Linux hooking framework to allow merging two binary files into one!
  ☆97Updated 8 months ago
• maK- / reverse-shell-access-kernel-module
  This is a kernel module invoked reverse shell proof of concept.
  ☆72Updated 6 years ago
• nnedkov / swiss_army_rootkit
  ☆34Updated 10 years ago
• strozfriedberg / Cexigua
  Linux based inter-process code injection without ptrace(2)
  ☆255Updated 8 years ago
• emptymonkey / mimic
  Hide processes as a normal user in Linux.
  ☆261Updated last year
• 0x00-0x00 / Shellkiller
  A killer reverse-shell script that is able to use a lot of techniques to ensure your shell will pop back to you.
  ☆29Updated 8 years ago
• x64dbg / mona
  Fork of mona.py with x64dbg support
  ☆109Updated 3 years ago
• yaoyumeng / adore-ng
  linux rootkit adapted for 2.6 and 3.x
  ☆218Updated 10 years ago
• W3ndige / linux-process-injection
  Proof of concept for injecting simple shellcode via ptrace into a running process.
  ☆72Updated 3 years ago
• alanvivona / pwnshop
  Exploit Development, Reverse Engineering & Cryptography
  ☆257Updated 5 months ago
• droberson / icmp-backdoor
  Backdoor that listens for specially crafted ICMP packets and spawns reverse shells.
  ☆73Updated 5 years ago
• elfmaster / dt_infect
  ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD
  ☆112Updated 5 years ago
• Binject / binjection
  Injects additional machine instructions into various binary formats.
  ☆288Updated last year
• zznop / drow
  Injects code into ELF executables post-build
  ☆237Updated last year
• packz / ropeme
  ROPME is a set of python scripts to generate ROP gadgets and payload.
  ☆148Updated 9 years ago
• jollheef / lpe
  collection of verified Linux kernel exploits
  ☆190Updated 5 years ago
• therealdreg / lsrootkit
  Rootkit Detector for UNIX
  ☆61Updated 2 years ago