Alternatives and similar repositories for SHELF-Loading

Users that are interested in SHELF-Loading are comparing it to the libraries listed below

• ulexec / ElfLocker
  PoC multi-layer protector for ELF32 x86 binaries
  ☆11Updated 3 years ago
• perturbed-platypus / LinooxMalware
  ☆27Updated 5 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• ioncodes / kdbg-driver-workstation
  ☆14Updated 3 years ago
• ksen-lin / nitara2
  yet another hidden LKM hunter
  ☆23Updated last year
• X-C3LL / memdlopen-lib
  ☆13Updated 2 years ago
• dsnezhkov / elfpack
  ☆47Updated 2 years ago
• dsnezhkov / exclave
  ☆16Updated 4 years ago
• En14c / Erebus
  Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster
  ☆29Updated 5 years ago
• ic3qu33n / michelangelo-reanimator
  Michelangelo REanimator bootkit and REcon 2023 talk slides/materials
  ☆30Updated last year
• rhotav / PT_LOAD-Injector
  An injector that use PT_LOAD technique
  ☆12Updated 2 years ago
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆32Updated last year
• therealdreg / nasm_linux_x86_64_pure_sharedlib
  NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection
  ☆30Updated last year
• msuiche / smbaloo
  ☆48Updated 4 years ago
• linuxthor / rkspotter
  Rootkit spotter - experimental Linux rootkit finder LKM
  ☆30Updated 4 years ago
• h0mbre / syscall
  ☆18Updated 5 years ago
• kryptoslogic / binja_degobfuscate
  Fix Go obfuscated binaries that were obfuscated using gobfuscator
  ☆47Updated 3 years ago
• 3intermute / hvICE
  hypervisor enforced patch protection for the linux kernel with xen + libvmi, libvmi KASLR offset spoofer
  ☆33Updated last year
• PinkNoize / shelf-loader-poc
  ☆12Updated 3 years ago
• alexander-hanel / RenameLocalVars
  RenameLocalVars is an IDA plugin that renames local variables to something easier to read.
  ☆15Updated last year
• gdbinit / flare-on
  Repository for Flare-On challenges and solutions/code
  ☆9Updated 6 months ago
• yo-yo-yo-jbo / anti_debugging_intro
  ☆24Updated 2 years ago
• narhen / procjack
  PoC of injecting code into a running Linux process
  ☆23Updated 5 years ago
• milabs / kjector
  Code injection from Linux kernel to a process
  ☆21Updated 2 years ago
• bhassani / doublepulsar
  DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64)
  ☆27Updated 5 years ago
• reb311ion / emerald
  Import DynamoRIO drcov code coverage data into Ghidra
  ☆43Updated last year
• elfmaster / scop_virus_paper
  ELF Virus infection techniques that work with SCOP (Secure code partitioned) executables
  ☆15Updated 6 years ago
• uf0o / Counterfeit_Object_Oriented_Programming_COOP
  ☆12Updated 8 months ago
• PwCUK-CTO / BinaryNinja_shellcodehashes
  Port of Mandiant ShellcodeHashes plugin from IDA to BinaryNinja
  ☆11Updated 10 months ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆33Updated 4 years ago