xcellerator/linux_kernel_hacking

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/xcellerator/linux_kernel_hacking)

xcellerator / linux_kernel_hacking

Linux Kernel Hacking

☆750

Alternatives and similar repositories for linux_kernel_hacking

Users that are interested in linux_kernel_hacking are comparing it to the libraries listed below

Sorting:

m0nad / Diamorphine
View on GitHub
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
☆2,264Jan 24, 2026Updated last month
milabs / awesome-linux-rootkits
View on GitHub
awesome-linux-rootkits
☆2,032Feb 15, 2026Updated 2 weeks ago
carloslack / KoviD
View on GitHub
Red-Team LKM
☆637Dec 16, 2025Updated 2 months ago
milabs / khook
View on GitHub
Linux Kernel hooking engine (x86)
☆387Oct 14, 2025Updated 4 months ago
h3xduck / TripleCross
View on GitHub
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
☆1,942Apr 7, 2024Updated last year
reveng007 / reveng_rtkit
View on GitHub
Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…
☆267Dec 6, 2025Updated 2 months ago
Gui774ume / ebpfkit
View on GitHub
ebpfkit is a rootkit powered by eBPF
☆837Feb 28, 2023Updated 3 years ago
xairy / linux-kernel-exploitation
View on GitHub
A collection of links related to Linux kernel security and exploitation
☆6,353Jan 26, 2026Updated last month
xairy / vmware-exploitation
View on GitHub
A collection of links related to VMware escape exploits
☆1,494Sep 4, 2024Updated last year
h3xduck / Umbra
View on GitHub
A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
☆135Sep 19, 2021Updated 4 years ago
bsauce / kernel-exploit-factory
View on GitHub
Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your enviro…
☆1,279Jan 29, 2026Updated last month
bsauce / kernel-security-learning
View on GitHub
Anything about kernel security. CTF kernel pwn, kernel exploit, kernel fuzz and kernel defense paper, kernel debugging technique, kernel…
☆757Jan 27, 2026Updated last month
pathtofile / bad-bpf
View on GitHub
A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29
☆684Jul 7, 2024Updated last year
marin-m / vmlinux-to-elf
View on GitHub
A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)
☆1,686Feb 24, 2026Updated last week
smallkirby / kernelpwn
View on GitHub
kernel-pwn and writeup collection
☆700Oct 2, 2023Updated 2 years ago
nccgroup / exploit_mitigations
View on GitHub
Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.
☆923May 20, 2024Updated last year
R3tr074 / brokepkg
View on GitHub
The LKM rootkit working in Linux Kernels 2.6.x/3.x/4.x/5.x
☆132Aug 8, 2023Updated 2 years ago
a13xp0p0v / kernel-hack-drill
View on GitHub
Linux kernel exploitation experiments
☆385Jan 19, 2026Updated last month
krisnova / boopkit
View on GitHub
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
☆1,662Oct 19, 2023Updated 2 years ago
milabs / kmatryoshka
View on GitHub
Matryoshka - stacked LKM loader
☆54Oct 8, 2023Updated 2 years ago
ilammy / ftrace-hook
View on GitHub
Using ftrace for function hooking in Linux kernel
☆295Mar 21, 2021Updated 4 years ago
NoviceLive / research-rootkit
View on GitHub
LibZeroEvil & the Research Rootkit project.
☆600Dec 1, 2021Updated 4 years ago
ldpreload / Medusa
View on GitHub
LD_PRELOAD Rootkit
☆305Apr 5, 2025Updated 10 months ago
pr0cf5 / kernel-exploit-practice
View on GitHub
repository for kernel exploit practice
☆415Nov 12, 2019Updated 6 years ago
bcoles / kasld
View on GitHub
Kernel Address Space Layout Derandomization (KASLD) - A collection of various techniques to infer the Linux kernel base virtual address a…
☆469Apr 13, 2024Updated last year
pathtofile / bpf-hookdetect
View on GitHub
Dectect syscall hooking using eBPF
☆169Apr 28, 2023Updated 2 years ago
bcoles / kernel-exploits
View on GitHub
Various kernel exploits
☆803Mar 14, 2024Updated last year
Nadharm / CoVirt
View on GitHub
A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).
☆36Oct 26, 2025Updated 4 months ago
elfmaster / maya
View on GitHub
Highly advanced Linux anti-exploitation and anti-tamper binary protector for ELF.
☆159Sep 3, 2022Updated 3 years ago
croemheld / lkm-rootkit
View on GitHub
A LKM rootkit for most newer kernel versions.
☆180Sep 17, 2017Updated 8 years ago
jthuraisamy / SysWhispers2
View on GitHub
AV/EDR evasion via direct system calls.
☆1,793Sep 3, 2022Updated 3 years ago
tr3ee / CVE-2022-23222
View on GitHub
CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation
☆579Jun 7, 2022Updated 3 years ago
yuawn / Linux-Kernel-Exploitation
View on GitHub
Linux kernel module implementation & exploitation (pwn) labs.
☆211Jan 26, 2022Updated 4 years ago
nluedtke / linux_kernel_cves
View on GitHub
Tracking CVEs for the linux Kernel
☆750Apr 9, 2024Updated last year
cloudfuzz / android-kernel-exploitation
View on GitHub
Android Kernel Exploitation
☆638Feb 13, 2022Updated 4 years ago
outflanknl / Dumpert
View on GitHub
LSASS memory dumper using direct system calls and API unhooking.
☆1,577Jan 5, 2021Updated 5 years ago
Mr-Un1k0d3r / EDRs
View on GitHub
☆2,168Feb 21, 2023Updated 3 years ago
shellphish / how2heap
View on GitHub
A repository for learning various heap exploitation techniques.
☆8,455Jan 15, 2026Updated last month
jm33-m0 / emp3r0r
View on GitHub
Self‑healing Gossip Mesh C2 with Assisted Peer Discovery, Modular Post‑Exploitation, and OPSEC‑Focused Transport
☆1,689Updated this week