thalium / rkchkLinks
Rust Linux Kernel Module designed for LKM rootkit detection
☆45Updated 2 months ago
Alternatives and similar repositories for rkchk
Users that are interested in rkchk are comparing it to the libraries listed below
Sorting:
- Userland exec PoC to be used as attack vector technique☆85Updated 4 months ago
- Cheat sheet to detect and remove linux kernel rootkit☆60Updated 5 months ago
- Open Source eBPF Malware Analysis Framework☆48Updated 7 months ago
- GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…☆62Updated last month
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆114Updated this week
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆42Updated last year
- Linpmem is a linux memory acquisition tool☆84Updated last year
- Attacking the cleanup_module function of a kernel module☆34Updated 2 months ago
- kubernetes rootkit☆31Updated last year
- A simple Meterpreter stager written in Rust.☆38Updated 8 months ago
- eBPF Memory Dump Tool☆72Updated last week
- ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.☆109Updated last month
- Monarch - The Adversary Emulation Toolkit☆62Updated 4 months ago
- Linux rootkit for educational purposes☆31Updated last year
- ☆56Updated 6 months ago
- ☆52Updated 7 months ago
- ☆46Updated 2 months ago
- Slides and files for the Reversing Rust Binaries: One step beyond strings workshop at REcon 2024, presented on June 28, 2024.☆79Updated 11 months ago
- Dynamically invoke arbitrary code and use various tricks written idiomatically in Rust (Dinvoke)☆77Updated this week
- call gates as stable comunication channel for NT x86 and Linux x86_64☆31Updated last year
- This repository contains the public work I produced, wheter it is research, post, slides, sometimes videos, and materials of my talks.☆50Updated last month
- yet another hidden LKM hunter☆23Updated last year
- ☆34Updated last year
- POC of GITHUB simple C2 in rust☆53Updated 4 months ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆117Updated last month
- Malware Analysis tools☆26Updated 8 months ago
- CVE-2024-30090 - LPE PoC☆107Updated 7 months ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆77Updated this week
- eBPF hacks☆187Updated 5 months ago
- A few examples of how to trap virtual memory access on Windows.☆30Updated 5 months ago