
m0nad / Diamorphine

Licence: other
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Programming Languages

c

Projects that are alternatives of or similar to Diamorphine

Sippts
Set of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-84%)
Mutual labels:  hacking, security-tools, pentesting, pentest, hacking-tool, security-audit
Jok3r
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (-11.03%)
Mutual labels:  hacking, security-tools, pentest, hacking-tool, security-audit
Dumpsterfire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+6.9%)
Mutual labels:  hacking, security-tools, pentesting, pentest, hacking-tool
Habu
Hacking Toolkit
Stars: ✭ 635 (-12.41%)
Mutual labels:  hacking, security-tools, pentesting, pentest, security-audit
Pentesting Bible
Learn ethical hacking. Learn about reconnaissance, Windows/Linux hacking, attacking web technologies, and pen testing wireless networks. Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+1138.76%)
Mutual labels:  hacking, pentesting, malware, hacking-tool, redteam
Dr0p1t Framework
A framework that creates an advanced stealthy dropper that bypasses most AVs and has a lot of tricks
Stars: ✭ 1,132 (+56.14%)
Mutual labels:  hacking, malware, pentest, hacking-tool, backdoor
Cloakify
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+56.69%)
Mutual labels:  hacking, security-tools, pentesting, pentest, hacking-tool
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-74.9%)
Mutual labels:  hacking, security-tools, pentesting, hacking-tool, security-audit
Powershell Rat
Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (-12.28%)
Mutual labels:  hacking, pentesting, hacking-tool, backdoor
MsfMania
Python AV Evasion Tools
Stars: ✭ 388 (-46.48%)
Mutual labels:  backdoor, malware, pentest, redteam
Father
LD_PRELOAD rootkit
Stars: ✭ 59 (-91.86%)
Mutual labels:  backdoor, rootkit, malware, redteam
Hosthunter
HostHunter: a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-41.1%)
Mutual labels:  hacking, security-tools, pentesting, hacking-tool
Fireelf
fireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (-40%)
Mutual labels:  security-tools, pentesting, malware, redteam
Umbra
A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
Stars: ✭ 98 (-86.48%)
Mutual labels:  backdoor, rootkit, malware, linux-kernel
Rspet
RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (-65.38%)
Mutual labels:  hacking, pentesting, security-audit, backdoor
Whatweb
Next generation web scanner
Stars: ✭ 3,503 (+383.17%)
Mutual labels:  hacking, security-tools, pentesting, pentest
Thc Archive
All releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-34.62%)
Mutual labels:  hacking, pentesting, pentest, hacking-tool
Cheatsheet God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+385.66%)
Mutual labels:  hacking, security-tools, pentesting, hacking-tool
Xeexe Topantivirusevasion
Undetectable & Xor encrypting with custom KEY (FUD Metasploit Rat) bypass Top Antivirus like BitDefender, Malwarebytes, Avast, ESET-NOD32, AVG,... & Automatically Add ICON and MANIFEST to executable
Stars: ✭ 387 (-46.62%)
Mutual labels:  hacking, malware, hacking-tool, backdoor
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-47.31%)
Mutual labels:  hacking, security-tools, pentesting, redteam

Diamorphine

Diamorphine is an LKM rootkit for Linux kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64).

Features

  • When loaded, the module starts invisible;

  • Hide/unhide any process by sending it signal 31;

  • Sending signal 63 (to any pid) makes the module become (in)visible;

  • Sending signal 64 (to any pid) makes the given user become root;

  • Files or directories starting with the MAGIC_PREFIX become invisible;

  • Source: https://github.com/m0nad/Diamorphine
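
For defenders, the process-hiding feature above can be checked by comparing the /proc directory listing with direct per-PID lookups. The script below is an added example, not part of the Diamorphine project; it assumes a hidden process is filtered only from directory listings and still answers at /proc/<pid>, and the helper names (listed_pids, probe_pid, find_hidden_pids) are hypothetical.

```python
import os

def listed_pids(proc="/proc"):
    """PIDs that appear in a directory listing of /proc (the view ps/top use)."""
    return {int(name) for name in os.listdir(proc) if name.isdigit()}

def probe_pid(pid, proc="/proc"):
    """True if pid is a live process reachable by its direct /proc/<pid> path."""
    try:
        with open(f"{proc}/{pid}/status") as fh:
            fields = dict(line.split(":", 1) for line in fh if ":" in line)
    except OSError:
        return False
    # Thread IDs also resolve under /proc but are never listed there, so only
    # thread-group leaders (Tgid == pid) are comparable with the listing.
    return fields.get("Tgid", "").strip() == str(pid)

def find_hidden_pids(list_fn=listed_pids, probe_fn=probe_pid, max_pid=None):
    """Return PIDs that answer a direct probe but are absent from the listing."""
    if max_pid is None:
        with open("/proc/sys/kernel/pid_max") as fh:
            max_pid = int(fh.read())
    before = list_fn()
    # Valid PIDs are below pid_max; probe every one the listing did not show.
    suspects = [p for p in range(1, max_pid)
                if p not in before and probe_fn(p)]
    # A process that started mid-scan shows up in a fresh listing; one that
    # exited no longer answers the probe. Neither is hidden.
    after = list_fn()
    return [p for p in suspects if p not in after and probe_fn(p)]

if __name__ == "__main__":
    hidden = find_hidden_pids()
    for pid in hidden:
        print(f"PID {pid} is alive but missing from the /proc listing")
    print(f"{len(hidden)} hidden process(es) found")
```

Run it as root so every /proc/<pid>/status is readable. An empty result does not prove a clean host, since a kernel-level rootkit can also tamper with direct lookups.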

Install

Verify that the kernel is 2.6.x/3.x/4.x/5.x

uname -r

Clone the repository

git clone https://github.com/m0nad/Diamorphine

Enter the folder

cd Diamorphine

Compile

make

Load the module (as root)

insmod diamorphine.ko

Uninstall

The module starts invisible; to remove it, you first need to make it visible

kill -63 0

Then remove the module (as root)

rmmod diamorphine

