Alternatives and similar repositories for adore-ng

Users that are interested in adore-ng are comparing it to the libraries listed below

• croemheld / lkm-rootkit
  A LKM rootkit for most newer kernel versions.
  ☆177Updated 7 years ago
• therealdreg / enyelkm
  LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.
  ☆86Updated last year
• nbulischeck / tyton
  Kernel-Mode Rootkit Hunter
  ☆369Updated 3 years ago
• QuokkaLight / rkduck
  Linux v4.x.x Rootkit
  ☆90Updated 10 months ago
• NoviceLive / research-rootkit
  LibZeroEvil & the Research Rootkit project.
  ☆593Updated 3 years ago
• ivyl / rootkit
  Sample Rootkit for Linux
  ☆399Updated 10 months ago
• mncoppola / suterusu
  An LKM rootkit targeting Linux 2.6/3.x on x86(_64), and ARM
  ☆657Updated 7 years ago
• dgoulet / kjackal
  Linux Rootkit Scanner
  ☆89Updated 3 years ago
• xpn / ssh-inject
  A ptrace POC by hooking SSH to reveal provided passwords
  ☆182Updated 8 years ago
• chompie1337 / Linux_LPE_eBPF_CVE-2021-3490
  ☆302Updated last year
• elfmaster / saruman
  ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
  ☆135Updated 7 years ago
• gpoulios / ROPInjector
  Patching ROP-encoded shellcodes into PEs
  ☆186Updated 7 years ago
• r00tkillah / HORSEPILL
  HORSEPILL rootkit PoC
  ☆228Updated 8 years ago
• 0xfffffffa / apache-rootkit
  A malicious Apache module with rootkit functionality
  ☆1Updated 10 years ago
• artkond / cisco-rce
  CVE-2017-3881 Cisco Catalyst Remote Code Execution PoC
  ☆208Updated 8 years ago
• mempodippy / cub3
  Proof of concept for LD_PRELOAD malware that uses extended attributes to protect files.
  ☆118Updated 9 years ago
• chokepoint / Jynx2
  JynxKit2 is an LD_PRELOAD userland rootkit based on the original JynxKit. The backdoor has been replaced with an "accept()" system hook.
  ☆173Updated 12 years ago
• chokepoint / azazel
  Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional feat…
  ☆786Updated last year
• EgeBalci / Cminer
  Cminer is a tool for enumerating the code caves in PE files.
  ☆152Updated 2 years ago
• 0x00pf / 0x00sec_code
  Code for my 0x00sec.org posts
  ☆323Updated 4 years ago
• Error996 / bdvl
  bdvl
  ☆113Updated 3 years ago
• tkmru / awesome-linux-rootkits
  a summary of linux rootkits published on GitHub
  ☆177Updated 5 years ago
• emptymonkey / mimic
  Hide processes as a normal user in Linux.
  ☆258Updated 11 months ago
• duasynt / xfrm_poc
  Linux kernel XFRM UAF poc (3.x - 5.x kernels)
  ☆134Updated 5 years ago
• bdamele / shellcodeexec
  Script to execute in memory a sequence of opcodes
  ☆411Updated 11 years ago
• rip1s / CVE-2017-11882
  CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.
  ☆329Updated 7 years ago
• rootfoo / rootkit
  Fully functional but simplified Linux Kernel Module (LKM) Rootkit for educational purposes
  ☆61Updated 6 years ago
• packz / ropeme
  ROPME is a set of python scripts to generate ROP gadgets and payload.
  ☆148Updated 9 years ago
• bigric3 / cve-2018-8120
  ☆164Updated 7 years ago
• t57root / pwnginx
  Pwn nginx - a nginx backdoor provides shell access, socks5 tunneling, http password sniffing.
  ☆229Updated 6 years ago