UmbraA LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
Stars: ✭ 98 (+18.07%)
MalwareRootkits | Backdoors | Sniffers | Virus | Ransomware | Steganography | Cryptography | Shellcodes | Webshells | Keylogger | Botnets | Worms | Other Network Tools
Stars: ✭ 156 (+87.95%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+773.49%)
Php BackdoorYour interpreter isn’t safe anymore — The PHP module backdoor
Stars: ✭ 211 (+154.22%)
WebshellWebshell && Backdoor Collection
Stars: ✭ 1,056 (+1172.29%)
LinuxKernelLearnLearn Linux Kernel Step by Step, including the Modules, FS, Device Driver etc. --- Linux内核学习,包括Linux各模块,文件系统,设备驱动文件等。
Stars: ✭ 37 (-55.42%)
HvmiHypervisor Memory Introspection Core Library
Stars: ✭ 438 (+427.71%)
kernel-syslog📝 Kernel module that can be used as a replacement for syslog, logger or logwrapper
Stars: ✭ 37 (-55.42%)
rkorovald_preload userland rootkit
Stars: ✭ 34 (-59.04%)
NtSymbolResolve DOS MZ executable symbols at runtime
Stars: ✭ 78 (-6.02%)
SolarisA local LKM rootkit loader/dropper that lists available security mechanisms
Stars: ✭ 47 (-43.37%)
Shadow Box For ArmShadow-Box: Lightweight and Practical Kernel Protector for ARM (Presented at BlackHat Asia 2018)
Stars: ✭ 64 (-22.89%)
proteccLinux kernel module to fight against police terror
Stars: ✭ 25 (-69.88%)
VlanyLinux LD_PRELOAD rootkit (x86 and x86_64 architectures)
Stars: ✭ 804 (+868.67%)
execmonAdvanced process execution monitoring utility for linux (procmon like)
Stars: ✭ 77 (-7.23%)
BdvlLD_PRELOAD Linux rootkit (x86 & ARM)
Stars: ✭ 232 (+179.52%)
HideprocessA basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
Stars: ✭ 329 (+296.39%)
installACMModuleInstall the CDC ACM and USB to Serial Modules for the Jetson TX1 or Jetson TX2 Development Kit
Stars: ✭ 28 (-66.27%)
lsrootkitRootkit Detector for UNIX
Stars: ✭ 53 (-36.14%)
Shadow Box For X86Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)
Stars: ✭ 178 (+114.46%)
SMM-RootkitSMM rootkit similar to LoJax or MosaicRegressor
Stars: ✭ 44 (-46.99%)
netlink-examplesLinux kernel Netlink examples inspired by "Why and How to Use Netlink Socket"
Stars: ✭ 28 (-66.27%)
satan🔓 x86 Linux Kernel rootkit for Debian 9 (4.9.0-11-686-pae)
Stars: ✭ 31 (-62.65%)
Www.rootkit.comwww.rootkit.com users section mirror, sql database dump, and a few other files/rootkits.
Stars: ✭ 117 (+40.96%)
raspi ws2812A kernel module able to run as many WS2812 strips as there are GPIO pins on Raspberry Pi Zero
Stars: ✭ 35 (-57.83%)
SutekhAn example rootkit that gives a userland process root permissions
Stars: ✭ 62 (-25.3%)
meta-quectel-communityYocto Layer which provides basic support for Quectel wireless modules
Stars: ✭ 25 (-69.88%)
Rootkits List DownloadThis is the list of all rootkits found so far on github and other sites.
Stars: ✭ 815 (+881.93%)
demos-linuxDemos for instruction and exploration of the Linux C/C++ API
Stars: ✭ 78 (-6.02%)
HiddenWindows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc
Stars: ✭ 768 (+825.3%)
RootkitLinux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64
Stars: ✭ 601 (+624.1%)
iptables-uwuiptables target that uwu's outgoing packets
Stars: ✭ 86 (+3.61%)
VegileThis tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell
Stars: ✭ 478 (+475.9%)
RemoveFlagTestAnother method to anti ThreadHideFromDebugger
Stars: ✭ 24 (-71.08%)
Emp3r0rlinux post-exploitation framework made by linux user
Stars: ✭ 419 (+404.82%)
S6 pcie microblazePCI Express DIY hacking toolkit for Xilinx SP605
Stars: ✭ 301 (+262.65%)
fakesudosudo almost as fake as your ma
Stars: ✭ 15 (-81.93%)
FatherLD_PRELOAD rootkit
Stars: ✭ 59 (-28.92%)
HiddenwallTool to generate a Linux kernel module for custom rules with Netfilter hooking. (block ports, Hidden mode, functions to protect etc)
Stars: ✭ 187 (+125.3%)
superhideExample of hooking a linux systemcall
Stars: ✭ 48 (-42.17%)
pfSense-pkg-WireGuardThis is a port of the original WireGuard UI bits as implemented by Netgate in pfSense 2.5.0 to a package suitable for rapid iteration and more frequent updating on future releases of pfSense.
Stars: ✭ 194 (+133.73%)
raisinReverse shell and rootkit
Stars: ✭ 18 (-78.31%)
Android RootkitA rootkit for Android. Based on "Android platform based linux kernel rootkit" from Phrack Issue 68
Stars: ✭ 167 (+101.2%)
Wireguard Docs📖 Unofficial WireGuard Documentation: Setup, Usage, Configuration, and full example setups for VPNs supporting both servers & roaming clients.
Stars: ✭ 3,201 (+3756.63%)
tor-rootkitA Python 3 standalone Windows 10 / Linux Rootkit using Tor.
Stars: ✭ 142 (+71.08%)
VegileThis tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell
Stars: ✭ 601 (+624.1%)
dr checker 4 linuxPort of "DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers" to Clang/LLVM 10 and Linux Kernel
Stars: ✭ 34 (-59.04%)
Teardroid-phprat🇮🇳 🤖 It's easy to use android botnet work without port forwarding, vps and android studio
Stars: ✭ 417 (+402.41%)
nrf24nrf24l01 linux device driver
Stars: ✭ 20 (-75.9%)
msr-safeAllows safer access to model specific registers (MSRs)
Stars: ✭ 62 (-25.3%)
dev-cyberNot the device we need, but the one we deserve
Stars: ✭ 19 (-77.11%)
SpacecowWindows Rootkit written in Python
Stars: ✭ 81 (-2.41%)