Alternatives and similar repositories for lkm-hidden

Users that are interested in lkm-hidden are comparing it to the libraries listed below

• 3intermute / linux_syscall_hook
  system call hooking on arm64 linux via a variety of methods
  ☆50Updated 3 years ago
• secnotes / elfspirit
  ELF static analysis and injection framework that parse, manipulate, patch and camouflage ELF files.
  ☆114Updated last month
• cs1ime / AndroidSuperInject
  Injecting into SELinux-protected system service processes under root on Android.
  ☆44Updated last year
• lockedbyte / so_loader
  In-memory ELF shared library loading
  ☆44Updated 2 years ago
• Rhydon1337 / linux-kernel-so-injector
  Kernel mode to user mode so injection
  ☆91Updated 4 years ago
• veritas501 / ToyObfuscator
  Toy LLVM obfuscator pass
  ☆75Updated 3 years ago
• HexRaysSA / IDAPython
  IDAPython project for Hex-Ray's IDA Pro
  ☆25Updated 8 months ago
• cbwang505 / unicorn-whpx
  跨平台模拟执行unicorn框架基于Qemu的TCG模式(Tiny Code Generator),以无硬件虚拟化支持方式实现全系统的虚拟化,支持跨平台和架构的CPU指令模拟,本文讨论是一款笔者的实验性项目采用Windows Hypervisor Platform虚拟机模式…
  ☆69Updated last year
• thomasxm / Akira-obfuscator
  Another LLVM-obfuscator based on LLVM-17. A fork of Arkari
  ☆93Updated last year
• g0mxxm / Anti-Obfuscation
  The tool can be used to eliminate redundant instructions in a basic block.
  ☆81Updated 2 years ago
• bluesadi / debogus
  Deobfuscate OLLVM Bogus Control Flow via angr
  ☆64Updated 3 years ago
• RouNNdeL / anti-rootkit-lkm
  A simple anti-rootkit Linux kernel module for an 'Operating Systems Security' course.
  ☆16Updated 4 years ago
• pathtofile / bpf-hookdetect
  Dectect syscall hooking using eBPF
  ☆161Updated 2 years ago
• gmh5225 / AndroidDriveSignity
  AndroidDriveSignity is a Python utility designed to bypass driver signature verification in Android kernel(ARMv8.3), facilitating the loa…
  ☆65Updated last year
• zzzcccyyyggg / Kotoamatsukami
  Kotoamatsukami is an obfuscator based on LLVM-17, utilizing LLVM's new pass to implement plug-in features, for obfuscating multiple langu…
  ☆52Updated 5 months ago
• killvxk / awesome-bootkit
  Bootkits
  ☆18Updated last year
• ddddhm1234 / TTDEngine
  ☆32Updated last year
• bigBestWay / CodeObfs
  LLVM based "VM" obfuscator
  ☆143Updated 4 years ago
• 3intermute / arm64_silent_syscall_hook
  silent syscall hooking without modifying sys_call_table/handlers via patching exception handler
  ☆134Updated last year
• junknet / kernel-debugger
  内核硬件调试器模块，rootkit操作 dump
  ☆35Updated 3 years ago
• KpwnZ / sllvm-obfuscator
  Implementation of sllvm obfuscator
  ☆66Updated 2 years ago
• maskelihileci / IDA_Ollvm-unflattener
  Control Flow Flattening Deobfuscator for Obfuscator-LLVM as a plugin for IDA Pro.
  ☆42Updated 4 months ago
• kiks7 / KRWX
  Kernel Read Write Execute
  ☆85Updated last year
• leommxj / AphroditeF5
  ida pro collapse plugin
  ☆28Updated 2 years ago
• zandi / eBPF_processor
  An IDA processor for eBPF bytecode
  ☆67Updated 9 months ago
• MrRoy09 / VMwhere
  LLVM based obfuscation engine
  ☆99Updated 2 months ago
• Nadharm / CoVirt
  A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).
  ☆29Updated 3 years ago
• scc-tw / VMPilot
  VMPilot: A Modern C++ Virtual Machine SDK
  ☆240Updated 5 months ago
• cylance / eBPF_processor
  An IDA processor for eBPF bytecode
  ☆48Updated 3 years ago
• xrw67 / elfloader
  load so file into current memory space and run function
  ☆108Updated 8 years ago