thalium / rkchkLinks
Rust Linux Kernel Module designed for LKM rootkit detection
☆48Updated 3 months ago
Alternatives and similar repositories for rkchk
Users that are interested in rkchk are comparing it to the libraries listed below
Sorting:
- Open Source eBPF Malware Analysis Framework☆48Updated 8 months ago
- Cheat sheet to detect and remove linux kernel rootkit☆67Updated 6 months ago
- ☆59Updated 7 months ago
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆115Updated 3 weeks ago
- Userland exec PoC to be used as attack vector technique☆85Updated 4 months ago
- Attacking the cleanup_module function of a kernel module☆36Updated 2 months ago
- Dynamically invoke arbitrary code and use various tricks written idiomatically in Rust (Dinvoke)☆78Updated this week
- kubernetes rootkit☆31Updated last year
- Linpmem is a linux memory acquisition tool☆84Updated last year
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆42Updated last year
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆100Updated last year
- A simple Meterpreter stager written in Rust.☆38Updated 9 months ago
- CVE-2024-30090 - LPE PoC☆107Updated 8 months ago
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆71Updated last month
- e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!☆24Updated 10 months ago
- GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…☆64Updated last month
- Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation☆127Updated last year
- Monarch - The Adversary Emulation Toolkit☆62Updated 5 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆49Updated 4 months ago
- Slides for COM Hijacking AV/EDR Talk on 38c3☆74Updated 5 months ago
- A synergized Visual Studio and Rust development environment☆18Updated 4 months ago
- Shellcode loader that executes embedded Lua from Rust.☆114Updated 6 months ago
- Windows AppLocker Driver (appid.sys) LPE☆62Updated 10 months ago
- A reflective DLL development template for the Rust programming language☆94Updated last month
- Select any exported function in a dll as the new dll's entry point.☆80Updated 7 months ago
- ☆52Updated 8 months ago
- POC of GITHUB simple C2 in rust☆53Updated 4 months ago
- ☆34Updated last year
- ☆30Updated 6 months ago
- Win32 keylogger that supports all (non-ime using) languages correctly☆50Updated last year