
pentesteracademy / linux-rootkits-red-blue-teams

Licence: other
Linux Rootkits (4.x Kernel)



Linux Rootkits for Red Blue Teams

This repository contains the supporting course material for our Linux Rootkits for Red-Blue Teams training.

The entire video course is available online: Linux Rootkits for Red-Blue Teams on Pentester Academy

Linux dominates the server, embedded and now the Internet of Things (IoT) device market. In recent times, embedded systems and IoT devices in particular have been the weapons of choice in online attacks, with botnets like Mirai and Reaper to name a few. As soon as the simple attack vectors that these botnets and malware use get patched, it is obvious that attackers will move and hide their tools in kernel mode. This course will teach Red-Blue teams how kernel mode attack kits work and how to go about protecting their systems against them. We will use examples on x86_64, ARM and MIPS based architectures.

This entire course will be run on the latest Linux Kernel 4.15.x. The course is completely hands-on, and everything will be taught with practical examples in the form of kernel modules written in C. You can, however, follow this course with only a basic knowledge of Linux, as we discuss everything from the very basics.

A non-exhaustive list of topics includes:

  • Linux Boot Process
  • Browsing the Kernel code
  • Linux Architecture and Process Internals
  • Loadable Kernel Module (LKM) Programming Basics
  • Understanding internal kernel structures and the syscall mechanism
  • Interrupt and Process context, Timers and Watchdogs
  • Manipulating internal process structures
  • Hijacking the system call table
  • Subverting kernel memory protections
  • Monitoring the system with Kprobes
  • Kernel synchronization methods and common LKM pitfalls
  • User space - Kernel space data transfers
  • Monitoring a user space process from the kernel
  • Accessing user space process memory
  • Modifying the core kernel code to create custom hooks
  • Understanding the kernel network stack
  • Netfilters and Custom Hooks
  • Network packet filtering and mangling with custom LKMs
  • Analyzing Kernel mode Rootkits
  • Defending against Kernel Mode attacks
  • Chain of trust implementations
  • and other topics

The online course covers all of these topics and explains how to use the files in this repository.
