Alternatives and similar repositories for lkm-hidden

Users that are interested in lkm-hidden are comparing it to the libraries listed below

• 3intermute / linux_syscall_hook
  system call hooking on arm64 linux via a variety of methods
  ☆49Updated 3 years ago
• secnotes / elfspirit
  ELF static analysis and injection framework that parse, manipulate, patch and camouflage ELF files.
  ☆143Updated last month
• KpwnZ / sllvm-obfuscator
  Implementation of sllvm obfuscator
  ☆66Updated 3 years ago
• Rhydon1337 / linux-kernel-so-injector
  Kernel mode to user mode so injection
  ☆91Updated 5 years ago
• cbwang505 / unicorn-whpx
  跨平台模拟执行unicorn框架基于Qemu的TCG模式(Tiny Code Generator),以无硬件虚拟化支持方式实现全系统的虚拟化,支持跨平台和架构的CPU指令模拟,本文讨论是一款笔者的实验性项目采用Windows Hypervisor Platform虚拟机模式…
  ☆78Updated 2 years ago
• thomasxm / Akira-obfuscator
  Another LLVM-obfuscator based on LLVM-17. A fork of Arkari
  ☆110Updated last year
• kiks7 / KRWX
  Kernel Read Write Execute
  ☆83Updated last year
• killvxk / awesome-bootkit
  Bootkits
  ☆20Updated 2 years ago
• veritas501 / ToyObfuscator
  Toy LLVM obfuscator pass
  ☆76Updated 4 years ago
• Hipepper / antiVM
  Ida pro plugin. The antiVM aims to quickly identify anti-virtual machine and anti-sandbox behavior. This can speed up malware analysis.
  ☆45Updated 3 years ago
• MrRoy09 / VMwhere
  LLVM based obfuscation engine
  ☆109Updated 7 months ago
• HexRaysSA / IDAPython
  Legacy IDAPython project for Hex-Ray's IDA Pro, now maintained as part of the IDA SDK.
  ☆34Updated 4 months ago
• Nadharm / CoVirt
  A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).
  ☆35Updated 3 months ago
• scc-tw / VMPilot
  VMPilot: A Modern C++ Virtual Machine SDK
  ☆265Updated 9 months ago
• zzzcccyyyggg / Kotoamatsukami
  Kotoamatsukami is an obfuscator based on LLVM-17, utilizing LLVM's new pass to implement plug-in features, for obfuscating multiple langu…
  ☆64Updated 10 months ago
• gmh5225 / AndroidDriveSignity
  AndroidDriveSignity is a Python utility designed to bypass driver signature verification in Android kernel(ARMv8.3), facilitating the loa…
  ☆65Updated last year
• lockedbyte / so_loader
  In-memory ELF shared library loading
  ☆45Updated 3 years ago
• 3intermute / arm64_silent_syscall_hook
  silent syscall hooking without modifying sys_call_table/handlers via patching exception handler
  ☆152Updated last year
• g0mxxm / Anti-Obfuscation
  The tool can be used to eliminate redundant instructions in a basic block.
  ☆82Updated 2 years ago
• L4ys / LazyCross
  An IDA Pro plugin that display cross-references to functions or variables across the entire binary in Hex-Rays pseudocode
  ☆125Updated this week
• libiht / libiht
  Intel Hardware Trace Library - Kernel Space Componment
  ☆79Updated 3 months ago
• ResetMineMind / tinyKernelHook
  一个仅使用2字节修改实现内核任意函数hook的方法。
  ☆57Updated 8 months ago
• NoHeart2019 / KasR3Hook
  使用 Intel 虚拟化特性实现应用层HOOK
  ☆65Updated 4 months ago
• ShallowFeather / KDemu
  A Windows Kernel Driver Emulator base on Unicorn, Kernel Memory Dump and some of native environment
  ☆158Updated last week
• samdspeare / othread
  an obfuscator based on LLVM which can obfuscate the program execution trajectory
  ☆106Updated 4 years ago
• killvxk / awesome-obfuscations
  ☆75Updated 6 months ago
• redthing1 / w1tn3ss
  binary instrumentation, analysis, and patching framework
  ☆100Updated this week
• SeanPesce / SELinux-Kernel-Module-Bypass
  Tools to bypass flawed SELinux policies using the init_module system call
  ☆57Updated 2 years ago
• pathtofile / bpf-hookdetect
  Dectect syscall hooking using eBPF
  ☆167Updated 2 years ago
• garzon / obfacros
  obfacros - a set of C++ macros that can be used to obfuscate your c/c++ code, to make executables harder for reverse-engineering.
  ☆46Updated 6 years ago