spiderpig1297 / kprochide
kprochide is an LKM for hiding processes from the userland. The module is able to hide multiple processes and is able to dynamically receive new processes to hide.
☆21Updated 4 years ago
Alternatives and similar repositories for kprochide:
Users that are interested in kprochide are comparing it to the libraries listed below
- Binary (In)security tool☆25Updated 10 months ago
- Another (bad) ROP gadget finder, but this time in Rust☆20Updated last year
- Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster☆29Updated 5 years ago
- Rootkit Detector for UNIX☆61Updated last year
- ELF packer/crypter that aims to create hardened and stealthy troyans☆54Updated 3 years ago
- kunkillable is an LKM that makes userland processes unkillable.☆15Updated 4 years ago
- Small Rust programs that do weird things☆30Updated 3 years ago
- Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.☆66Updated 3 years ago
- Matryoshka - stacked LKM loader☆52Updated last year
- ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD☆110Updated 5 years ago
- Load a DLL from memory☆32Updated 3 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆45Updated 7 years ago
- Simple LKM linux kernel rootkit (x86 / x86_64)☆23Updated 4 years ago
- Fix Go obfuscated binaries that were obfuscated using gobfuscator☆47Updated 3 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆27Updated 6 years ago
- Rootkit spotter - experimental Linux rootkit finder LKM☆28Updated 4 years ago
- Linux kernel rootkit to hide certain files and processes.☆36Updated 11 years ago
- ☆36Updated 5 years ago
- kfile-over-icmp is an LKM for stealth sending of files over ICMP communication.☆17Updated 4 years ago
- File Capability Extractor☆13Updated last month
- This repository contains the sources and documentation for the SWAPGS attack PoC (CVE-2019-1125)☆41Updated 5 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆26Updated 6 years ago
- In line function hooking LKM rootkit☆51Updated 5 years ago
- Just a modern packer for elf binaries ( works on linux executables only )☆42Updated 4 years ago
- Vagrant setup for building a machine for CTF/exploit development☆22Updated 6 years ago
- An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses☆64Updated 3 years ago
- A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes☆58Updated 10 years ago
- Configure SPI flash write protection.☆23Updated 4 years ago
- Rust binding for Keystone assembler framework☆11Updated 6 years ago
- Flare-On solutions☆36Updated 5 years ago