132 Open source projects that are alternatives of or similar to Simple-Antirootkit-SST-Unhooker

windows kernel security development

The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers

ld_preload userland rootkit

Webshell && Backdoor Collection

First Steps in Ubuntu (Server) / Hardening and Config With Docker

Linux Rootkits (4.x Kernel)

Windows Rootkit written in Python

A local LKM rootkit loader/dropper that lists available security mechanisms

Your interpreter isn’t safe anymore  —  The PHP module backdoor

Veil 3.1.X (Check version info in Veil at runtime)

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Armadito antivirus main repository

A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager

www.rootkit.com users section mirror, sql database dump, and a few other files/rootkits.

Rootkit Detector for UNIX

LD_PRELOAD Linux rootkit (x86 & ARM)

SMM rootkit similar to LoJax or MosaicRegressor

Shadow-Box: Lightweight and Practical Kernel Protector for ARM (Presented at BlackHat Asia 2018)

🔓 x86 Linux Kernel rootkit for Debian 9 (4.9.0-11-686-pae)

A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.

ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits

Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)

Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.

Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)

The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)

awesome-linux-rootkits

dnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.

linux post-exploitation framework made by linux user

awesome-windows-security-development

PCI Express DIY hacking toolkit for Xilinx SP605

NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)

LD_PRELOAD rootkit

a summary of linux rootkits published on GitHub

Example of hooking a linux systemcall

Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.

Reverse shell and rootkit

Resolve DOS MZ executable symbols at runtime

💣 just for fun ¯\_(ツ)_/¯

A Python 3 standalone Windows 10 / Linux Rootkit using Tor.

An example rootkit that gives a userland process root permissions

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell

Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact))..

A simple rootkit to hide a process

This is the list of all rootkits found so far on github and other sites.

ebpfkit is a rootkit powered by eBPF

Tool to generate a Linux kernel module for custom rules with Netfilter hooking. (block ports, Hidden mode, functions to protect etc)

KicomAV is an open source (GPL v2) antivirus engine designed for detecting malware and disinfecting it.

Windows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc

Self-hosted VirusTotal / MetaDefender wannabe with API, demo UI and Scanners running in Docker.

Malice Windows Defender AntiVirus Plugin

AMWScan (PHP Antimalware Scanner) is a free tool to scan php files and analyze your project to find any malicious code inside it.

Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64

List of real-world threats against endpoint protection software

A rootkit for Android. Based on "Android platform based linux kernel rootkit" from Phrack Issue 68

Research on Anti-malware and other related security solutions

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell

Linux v4.x.x Rootkit

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

Golang clamd (clamav daemon) client library

Rootkits | Backdoors | Sniffers | Virus | Ransomware | Steganography | Cryptography | Shellcodes | Webshells | Keylogger | Botnets | Worms | Other Network Tools