Alternatives and similar repositories for lkm-hidden

Users that are interested in lkm-hidden are comparing it to the libraries listed below

• lockedbyte / so_loader
  In-memory ELF shared library loading
  ☆40Updated 2 years ago
• 3intermute / linux_syscall_hook
  system call hooking on arm64 linux via a variety of methods
  ☆49Updated 3 years ago
• yaxinsn / vermagic
  Change vermagic and CRCs of a Linux Kernel Module
  ☆52Updated 6 years ago
• killvxk / awesome-bootkit
  Bootkits
  ☆19Updated last year
• gmh5225 / AndroidDriveSignity
  AndroidDriveSignity is a Python utility designed to bypass driver signature verification in Android kernel(ARMv8.3), facilitating the loa…
  ☆64Updated last year
• cs1ime / AndroidSuperInject
  Injecting into SELinux-protected system service processes under root on Android.
  ☆40Updated last year
• secnotes / elfspirit
  ELF static analysis and injection framework that parse, manipulate, patch and camouflage ELF files.
  ☆63Updated last month
• 3intermute / arm64_silent_syscall_hook
  silent syscall hooking without modifying sys_call_table/handlers via patching exception handler
  ☆130Updated last year
• gmh5225 / android-kernel-driver-template
  A GKI Android kernel driver(ARMv8.3) template compiled by llvm-msvc
  ☆38Updated 11 months ago
• kiks7 / KRWX
  Kernel Read Write Execute
  ☆84Updated 8 months ago
• junknet / kernel-debugger
  内核硬件调试器模块，rootkit操作 dump
  ☆35Updated 3 years ago
• MoePus / wowHijack
  Run some secret code invisible from debugger single step.(x86 process on x64 windows only)
  ☆25Updated 5 years ago
• veritas501 / ToyObfuscator
  Toy LLVM obfuscator pass
  ☆72Updated 3 years ago
• Nadharm / CoVirt
  A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).
  ☆29Updated 2 years ago
• dayzerosec / IDA-Android-Kernel-Symbolizer
  An IDA plugin that allows you to use /proc/kallsyms output to import function and data labels into an extracted Android kernel image.
  ☆68Updated 5 years ago
• androidoffsec / libdevbinder
  ☆68Updated 7 months ago
• thomasxm / Akira-obfuscator
  Another LLVM-obfuscator based on LLVM-17. A fork of Arkari
  ☆73Updated last year
• VMProtectResearch / vmp2-devirtualization
  vmp2.x devirtualization
  ☆74Updated 6 months ago
• Rhydon1337 / linux-kernel-so-injector
  Kernel mode to user mode so injection
  ☆89Updated 4 years ago
• bl4ckswan / anti-disassembly
  ☆19Updated 8 years ago
• huoji120 / cpu_duck
  关于intel和amd指令行为不一样这件事
  ☆61Updated 3 years ago
• g0mxxm / Anti-Obfuscation
  The tool can be used to eliminate redundant instructions in a basic block.
  ☆81Updated last year
• stdhu / kernel-inline-hook
  linux kernel inline hook
  ☆125Updated 2 years ago
• hackcatml / frida-watchpoint-tutorial
  Frida's setHardwareWatchpoint tutorial
  ☆43Updated 7 months ago
• therealdreg / linux_kernel_debug_disassemble_ida_vmware
  Helper script for Linux kernel disassemble or debugging with IDA Pro on VMware + GDB stub (including some symbols helpers)
  ☆36Updated last year
• x-lugoo / hide-memory
  Hide the memory of the process in the Linux kernel.
  ☆10Updated 4 years ago
• therealdreg / bochs_linux_kernel_debugging
  Tools for Linux kernel debugging on Bochs (including symbols, native Bochs debugger and IDA PRO)
  ☆31Updated last year
• cbwang505 / unicorn-whpx
  跨平台模拟执行unicorn框架基于Qemu的TCG模式(Tiny Code Generator),以无硬件虚拟化支持方式实现全系统的虚拟化,支持跨平台和架构的CPU指令模拟,本文讨论是一款笔者的实验性项目采用Windows Hypervisor Platform虚拟机模式…
  ☆66Updated last year
• ulexec / elf_dynsym_obfuscation
  PoC for obfuscating the dynamic symbol table injecting a custom Hash Table to do symbol resolution
  ☆29Updated 4 years ago
• za233 / AilProtect
  a code virtualizer based on angr
  ☆29Updated 2 years ago