
jordan9001 / superhide

Licence: other
Example of hooking a Linux system call

Programming Languages

c
shell
Makefile

Projects that are alternatives of or similar to superhide

Umbra
A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
Stars: ✭ 98 (+104.17%)
Mutual labels:  rootkit, linux-kernel-module
satan
🔓 x86 Linux Kernel rootkit for Debian 9 (4.9.0-11-686-pae)
Stars: ✭ 31 (-35.42%)
Mutual labels:  rootkit, linux-kernel-module
ebpfkit
ebpfkit is a rootkit powered by eBPF
Stars: ✭ 472 (+883.33%)
Mutual labels:  rootkit
hexo-hide-posts
A plugin to hide specific posts from your Hexo blog and make them only accessible by links. (Hide Hexo posts)
Stars: ✭ 149 (+210.42%)
Mutual labels:  hide
rtl8814au
Drivers for the rtl8814au chipset wireless adapters (D-Link DWA-192 rev A1)
Stars: ✭ 18 (-62.5%)
Mutual labels:  linux-kernel-module
HideProcessHookMDL
A simple rootkit to hide a process
Stars: ✭ 43 (-10.42%)
Mutual labels:  rootkit
ebpfkit-monitor
ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
Stars: ✭ 80 (+66.67%)
Mutual labels:  rootkit
virtual touchscreen
Simple evdev linux device driver and GUI program to simulate multitouch touchscreen
Stars: ✭ 76 (+58.33%)
Mutual labels:  linux-kernel-module
rkorova
ld_preload userland rootkit
Stars: ✭ 34 (-29.17%)
Mutual labels:  rootkit
first-steps-and-hardening-in-ubuntu-server-and-docker
First Steps in Ubuntu (Server) / Hardening and Config With Docker
Stars: ✭ 28 (-41.67%)
Mutual labels:  rootkit
NtSymbol
Resolve DOS MZ executable symbols at runtime
Stars: ✭ 78 (+62.5%)
Mutual labels:  rootkit
lkm-sandbox
Collection of Linux Kernel Modules and PoC to discover, learn and practice Linux Kernel Development
Stars: ✭ 36 (-25%)
Mutual labels:  linux-kernel-module
shieldwall
zero-trust remote firewall instrumentation
Stars: ✭ 185 (+285.42%)
Mutual labels:  hide
tor-rootkit
A Python 3 standalone Windows 10 / Linux Rootkit using Tor.
Stars: ✭ 142 (+195.83%)
Mutual labels:  rootkit
SMM-Rootkit
SMM rootkit similar to LoJax or MosaicRegressor
Stars: ✭ 44 (-8.33%)
Mutual labels:  rootkit
lustre-release
Mirror of official Lustre development repository http://git.whamcloud.com/
Stars: ✭ 35 (-27.08%)
Mutual labels:  linux-kernel-module
HideAndSeek
Hide and seek game recreated for PocketMine-MP
Stars: ✭ 15 (-68.75%)
Mutual labels:  hide
Vegile
This tool will set up your backdoor/rootkits. When the backdoor is already set up, it will hide your specific process, make your session in metasploit unlimited, and be transparent. Even when it is killed, it will re-run again. There will always be a process which runs another process, so we can assume that this process is unstoppable, like a Ghost in The Shell
Stars: ✭ 601 (+1152.08%)
Mutual labels:  rootkit
SlideUpTopBar-for-Foundation
SlideUpTopBar is an extension for the Zurb Foundation 5 top-bar component. It hides the top-bar when scrolling down a page & shows it when scrolling back up the page.
Stars: ✭ 47 (-2.08%)
Mutual labels:  hide
raisin
Reverse shell and rootkit
Stars: ✭ 18 (-62.5%)
Mutual labels:  rootkit

superhide

An example of a Loadable Kernel Module (LKM) that hooks the system call table.

This module will hide any userspace files that start with a certain prefix from any program that uses the getdents system call to list a directory's files.

To use this, run sudo build_and_install.sh in the superhide folder. Remember where the folder is, because it will be hidden now.

To remove this, run sudo remove_and_clean.sh in the superhide folder.

This program only hooks the getdents syscall for hiding files; it doesn't hook the getdents64 call, because hooking getdents alone was enough for a proof of concept. It turns out most things just use the getdents syscall, though.

Note: I have found this to not work on some newer kernels.
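
Because the hook described above filters getdents but leaves getdents64 alone, a defender can list the same directory through both raw syscalls and diff the two views. The following is an added example, not part of superhide; the names hidden_from_getdents, list_dir and count_missing are this example's own, and it assumes Linux (on architectures without a legacy getdents it returns -1).

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>
#ifndef SYS_getdents
#define SYS_getdents (-1)   /* no legacy call on this arch: syscall fails, we return -1 */
#endif
#define MAX_NAMES 4096
struct view { char names[MAX_NAMES][256]; int n; };

/* Count (and print) names present in `full` but absent from `sub`. */
static int count_missing(const struct view *full, const struct view *sub) {
    int missing = 0;
    for (int i = 0; i < full->n; i++) {
        int seen = 0;
        for (int j = 0; j < sub->n && !seen; j++)
            seen = strcmp(full->names[i], sub->names[j]) == 0;
        if (!seen) { printf("only in getdents64: %s\n", full->names[i]); missing++; }
    }
    return missing;
}
/* List `path` with raw syscall `nr`; d_reclen (unsigned short) sits at
 * reclen_off in each record and the NUL-terminated d_name at name_off. */
static int list_dir(const char *path, long nr, size_t reclen_off, size_t name_off, struct view *v) {
    static char buf[65536];
    long got;
    int fd = open(path, O_RDONLY | O_DIRECTORY);
    if (fd < 0) return -1;
    v->n = 0;
    while ((got = syscall(nr, fd, buf, sizeof buf)) > 0)
        for (long pos = 0; pos < got; ) {
            unsigned short reclen;
            memcpy(&reclen, buf + pos + reclen_off, sizeof reclen);
            if (v->n < MAX_NAMES) snprintf(v->names[v->n++], 256, "%s", buf + pos + name_off);
            pos += reclen;
        }
    close(fd);
    return got < 0 ? -1 : 0;
}
/* Cross-view check: entries getdents64 reports that legacy getdents omits. */
int hidden_from_getdents(const char *path) {
    static struct view legacy, full;
    size_t off = 2 * sizeof(unsigned long);   /* d_ino + d_off in struct linux_dirent */
    if (list_dir(path, SYS_getdents, off, off + 2, &legacy) < 0 ||
        list_dir(path, SYS_getdents64, 16, 19, &full) < 0) return -1;
    return count_missing(&full, &legacy);
}
int main(int argc, char **argv) { return hidden_from_getdents(argc > 1 ? argv[1] : ".") != 0; }
```

Run it with a directory path as the only argument; a non-zero exit status means the two views disagree or the listing failed.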
