Alternatives and similar repositories for SHELF-Loading

Users that are interested in SHELF-Loading are comparing it to the libraries listed below

• ulexec / ElfLocker
  PoC multi-layer protector for ELF32 x86 binaries
  ☆12Updated 3 years ago
• perturbed-platypus / LinooxMalware
  ☆28Updated 6 years ago
• elfmaster / linker_preloading_virus
  An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
  ☆66Updated 3 years ago
• msuiche / smbaloo
  ☆48Updated 5 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆31Updated 2 years ago
• dsnezhkov / elfpack
  ☆50Updated 3 years ago
• h0mbre / syscall
  ☆18Updated 5 years ago
• X-C3LL / memdlopen-lib
  ☆13Updated 3 years ago
• PinkNoize / shelf-loader-poc
  ☆12Updated 4 years ago
• dsnezhkov / exclave
  ☆16Updated 4 years ago
• kryptoslogic / binja_degobfuscate
  Fix Go obfuscated binaries that were obfuscated using gobfuscator
  ☆50Updated 4 years ago
• linuxthor / rkspotter
  Rootkit spotter - experimental Linux rootkit finder LKM
  ☆30Updated 5 years ago
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆52Updated 5 years ago
• ic3qu33n / michelangelo-reanimator
  Michelangelo REanimator bootkit and REcon 2023 talk slides/materials
  ☆30Updated last year
• En14c / Erebus
  Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster
  ☆32Updated 5 years ago
• ioncodes / kdbg-driver-workstation
  ☆14Updated 4 years ago
• milabs / kmatryoshka
  Matryoshka - stacked LKM loader
  ☆54Updated 2 years ago
• xpcmdshell / electron-probe
  Electron-Probe leverages the Node variant of the Chrome Debugging Protocol to execute JavaScript payloads inside of target Electron appli…
  ☆31Updated 2 weeks ago
• d00rt / ebfuscator
  Ebfuscator: Abusing system errors for binary obfuscation
  ☆52Updated 5 years ago
• its-a-feature / macos_execute_from_memory
  PoC of macho loading from memory
  ☆58Updated last year
• therealdreg / nasm_linux_x86_64_pure_sharedlib
  NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection
  ☆31Updated 2 years ago
• peterwintersmith / crystalaep
  Crystal Anti-Exploit Protection 2012
  ☆37Updated 5 years ago
• silascutler / DetuxNG
  The Multiplatform Linux Sandbox
  ☆16Updated 2 years ago
• Dump-GUY / Python3---Binary-Data-Manipulation
  Python 3 - Manipulation and conversation with different data type (Bytes operations)
  ☆27Updated 3 years ago
• ghidragolf / ghidra_scripts
  Scripts from Ghidra Golf competitions
  ☆34Updated 3 years ago
• Binject / forger
  ☆20Updated 6 years ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆33Updated 5 years ago
• uf0o / exploit_dev
  A collection of various exploits
  ☆28Updated last year
• rhotav / PT_LOAD-Injector
  An injector that use PT_LOAD technique
  ☆12Updated 3 years ago
• connormcgarr / Presentations
  ☆30Updated 4 months ago