Alternatives and similar repositories for lkm-hidden

Users that are interested in lkm-hidden are comparing it to the libraries listed below

• lockedbyte / so_loader
  In-memory ELF shared library loading
  ☆40Updated 2 years ago
• secnotes / elfspirit
  ELF static analysis and injection framework that parse, manipulate, patch and camouflage ELF files.
  ☆66Updated 2 weeks ago
• 3intermute / linux_syscall_hook
  system call hooking on arm64 linux via a variety of methods
  ☆50Updated 3 years ago
• cs1ime / AndroidSuperInject
  Injecting into SELinux-protected system service processes under root on Android.
  ☆40Updated last year
• kiks7 / KRWX
  Kernel Read Write Execute
  ☆84Updated 9 months ago
• junknet / kernel-debugger
  内核硬件调试器模块，rootkit操作 dump
  ☆35Updated 3 years ago
• yaxinsn / vermagic
  Change vermagic and CRCs of a Linux Kernel Module
  ☆52Updated 6 years ago
• veritas501 / ToyObfuscator
  Toy LLVM obfuscator pass
  ☆72Updated 3 years ago
• g0mxxm / Anti-Obfuscation
  The tool can be used to eliminate redundant instructions in a basic block.
  ☆81Updated last year
• huoji120 / cpu_duck
  关于intel和amd指令行为不一样这件事
  ☆61Updated 3 years ago
• malefax / Adrishya
  Author of Project Adrishya a rootkit which use ftrace mechanism to hook syscall; (write this because God commanded me); work for both x86…
  ☆15Updated 3 weeks ago
• KpwnZ / sllvm-obfuscator
  Implementation of sllvm obfuscator
  ☆66Updated 2 years ago
• therealdreg / ida_bochs_windows
  Helper script for Windows kernel debugging with IDA Pro on native Bochs debugger (including PDB symbols)
  ☆62Updated last year
• zandi / eBPF_processor
  An IDA processor for eBPF bytecode
  ☆65Updated 6 months ago
• thomasxm / Akira-obfuscator
  Another LLVM-obfuscator based on LLVM-17. A fork of Arkari
  ☆74Updated last year
• bluesadi / debogus
  Deobfuscate OLLVM Bogus Control Flow via angr
  ☆63Updated 3 years ago
• libiht / libiht
  Intel Hardware Trace Library - Kernel Space Componment
  ☆67Updated last month
• Mas0nShi / ownsha2
  minimum ELF64 program to calculate its own SHA256.
  ☆18Updated 2 years ago
• cylance / eBPF_processor
  An IDA processor for eBPF bytecode
  ☆47Updated 3 years ago
• stdhu / kernel-inline-hook
  linux kernel inline hook
  ☆125Updated 2 years ago
• therealdreg / linux_kernel_debug_disassemble_ida_vmware
  Helper script for Linux kernel disassemble or debugging with IDA Pro on VMware + GDB stub (including some symbols helpers)
  ☆37Updated last year
• IdanBanani / ELF-Processs-Injection-Linux-Android
  Shared object ELF Process injection and loading resources.
  ☆9Updated 8 months ago
• 3intermute / arm64_silent_syscall_hook
  silent syscall hooking without modifying sys_call_table/handlers via patching exception handler
  ☆131Updated last year
• Nadharm / CoVirt
  A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).
  ☆29Updated 2 years ago
• seanwupi / ida-dark-plus
  Dark+ Theme
  ☆49Updated last year
• reductor / dice-ctf-2022-breach-writeup
  Dice CTF 2022 breach write-up
  ☆15Updated 3 years ago
• Fare9 / elfparser_e
  Example of an ELF parser to learn about the ELF format
  ☆10Updated 8 months ago
• killvxk / awesome-bootkit
  Bootkits
  ☆19Updated last year
• Rhydon1337 / linux-kernel-so-injector
  Kernel mode to user mode so injection
  ☆90Updated 4 years ago
• za233 / AilProtect
  a code virtualizer based on angr
  ☆29Updated 2 years ago