GitHub topics: rootkit
kouzhudong/AntiHook
Enum and Remove Hook in Windows
Language: Batchfile - Size: 17.2 MB - Last synced at: about 19 hours ago - Pushed at: about 20 hours ago - Stars: 38 - Forks: 9

mempodippy/vlany
Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
Language: C - Size: 1.17 MB - Last synced at: about 18 hours ago - Pushed at: over 4 years ago - Stars: 957 - Forks: 195

grisuno/LazyOwn
LazyOwn RedTeam/APT Framework is the first RedTeam Framework with an AI-powered C&C, featuring rootkits to conceal campaigns, undetectable malleable implants compatible with Windows/Linux/Mac OSX, and self-configuring backdoors. With its Web interface and powerful Console Client, it is the best combination for your RedTeam/APT campaigns.
Language: HTML - Size: 204 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 56 - Forks: 24

slep2-0/WindowsRootkit
Read the README
Language: C++ - Size: 191 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 3 - Forks: 0

nullcel/dollarnine
A self-propagating worm driven by an embedded rootkit
Language: C++ - Size: 3.49 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

Gui774ume/ebpfkit
ebpfkit is a rootkit powered by eBPF
Language: C - Size: 7.63 MB - Last synced at: 2 days ago - Pushed at: about 2 years ago - Stars: 794 - Forks: 92

ait-aecid/caraxes
Academic research rootkit using ftrace-hooking to hide files and processes via magic word or user/group. Tested until Linux 6.11.
Language: C - Size: 135 KB - Last synced at: about 12 hours ago - Pushed at: 21 days ago - Stars: 19 - Forks: 0

bitdefender/hvmi
Hypervisor Memory Introspection Core Library
Language: C - Size: 13.5 MB - Last synced at: 3 days ago - Pushed at: about 1 year ago - Stars: 645 - Forks: 68

memN0ps/illusion-rs 📦
Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)
Language: Rust - Size: 2.85 MB - Last synced at: 3 days ago - Pushed at: 9 months ago - Stars: 260 - Forks: 33

joaoviictorti/shadow-rs
Windows Kernel Rootkit in Rust
Language: Rust - Size: 459 KB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 594 - Forks: 62

sapellaniz/lkm_unhide
LKM unhide is a LKM Rootkits Detection Tool for Linux Kernels 5.x/6.x.
Language: C - Size: 1000 Bytes - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 0 - Forks: 0

XaFF-XaFF/Kernel-Process-Hollowing
Windows x64 kernel mode rootkit process hollowing POC.
Language: C++ - Size: 27.3 KB - Last synced at: about 10 hours ago - Pushed at: almost 2 years ago - Stars: 189 - Forks: 27

Reakt0rPhantom/Stuxnet-Rootkit
Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis
Size: 0 Bytes - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 0 - Forks: 0

MikeHorn-git/LKD
Linux Kernel development lab
Language: C - Size: 27.3 KB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 5 - Forks: 0

ExpLife0011/awesome-windows-kernel-security-development
windows kernel security development
Size: 3.25 MB - Last synced at: 6 days ago - Pushed at: over 2 years ago - Stars: 2,002 - Forks: 539

rwxrob/bonzai
Dashist CLI framework, batteries included
Language: Go - Size: 3.86 MB - Last synced at: 6 days ago - Pushed at: 5 months ago - Stars: 226 - Forks: 22

ait-testbed/attackmate
AttackMate is an attack orchestration tool that executes full attack-chains based on playbooks.
Language: Python - Size: 8.8 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 35 - Forks: 5

cr0nx/awesome-linux-attack-forensics-purplelabs
This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.
Size: 95.7 KB - Last synced at: 8 days ago - Pushed at: about 2 years ago - Stars: 284 - Forks: 38

milabs/awesome-linux-rootkits
awesome-linux-rootkits
Size: 74.2 KB - Last synced at: 5 days ago - Pushed at: 4 months ago - Stars: 1,827 - Forks: 246

gmh5225/Driver-SoulExtraction
SoulExtraction is a windows driver library for extracting cert information in windows drivers
Language: C - Size: 91.8 KB - Last synced at: about 23 hours ago - Pushed at: about 2 years ago - Stars: 23 - Forks: 6

eversinc33/Banshee
Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
Language: C++ - Size: 666 KB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 535 - Forks: 78

UEFI-code/Linux-Danger
Forget Ring3. Run EVERYTHING in Ring0!
Language: C - Size: 147 MB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 0 - Forks: 1

sudoskys/Root
What? You said Root? I don't know about it | Dedicated to writing comprehensive, detailed Root tutorial documentation | ROM flashing | Android
Size: 54.3 MB - Last synced at: 4 days ago - Pushed at: 10 months ago - Stars: 435 - Forks: 25

Qiunzman/Simple-RunPE-Process-Hollowing
The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.
Language: C# - Size: 39.1 KB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 0 - Forks: 0

daem0nc0re/VectorKernel
PoCs for Kernelmode rootkit techniques research.
Language: C# - Size: 17.5 MB - Last synced at: 7 days ago - Pushed at: 4 months ago - Stars: 374 - Forks: 60

UmaRex01/YMC
A plug-and-play, extendible and customizable Windows driver that lands your malware capabilities in kernel-land.
Size: 4.88 KB - Last synced at: 11 days ago - Pushed at: 12 days ago - Stars: 0 - Forks: 0

b3c001/bico_lkm
Bico_LKM is a rootkit written in C that operates at kernel level (ring0)
Language: C - Size: 37.1 KB - Last synced at: 8 days ago - Pushed at: 12 days ago - Stars: 3 - Forks: 0

carloslack/KoviD
Red-Team Linux kernel rootkit
Language: C - Size: 26.8 MB - Last synced at: 12 days ago - Pushed at: 21 days ago - Stars: 362 - Forks: 60

sad0p/d0zer
Elf binary infector written in Go.
Language: Go - Size: 136 KB - Last synced at: 4 days ago - Pushed at: 4 months ago - Stars: 209 - Forks: 36

memN0ps/eagle-rs 📦
Rusty Rootkit - Windows Kernel Rootkit in Rust (Codename: Eagle)
Language: Rust - Size: 450 KB - Last synced at: 6 days ago - Pushed at: almost 2 years ago - Stars: 551 - Forks: 70

alfonmga/hiding-cryptominers-linux-rootkit 📦
Linux rootkit POC to hide a crypto miner's process and CPU usage.
Language: C - Size: 19.5 KB - Last synced at: 7 days ago - Pushed at: over 1 year ago - Stars: 75 - Forks: 39

KastMain/Simple-RunPE-Process-Hollowing
The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.
Language: C# - Size: 38.1 KB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 0 - Forks: 0

ldpreload/Medusa
LD_PRELOAD Rootkit
Language: C - Size: 708 KB - Last synced at: 7 days ago - Pushed at: about 1 month ago - Stars: 222 - Forks: 57

jm33-m0/emp3r0r
Linux/Windows post-exploitation framework made by linux user
Language: Go - Size: 144 MB - Last synced at: 19 days ago - Pushed at: 19 days ago - Stars: 1,533 - Forks: 263

mephistolist/tito
In-Memory Rootkit For Linux
Language: C - Size: 215 KB - Last synced at: 19 days ago - Pushed at: 19 days ago - Stars: 69 - Forks: 11

idchoppers/nt_rootkit
A kernel mode rootkit for NT.
Language: C - Size: 97.7 KB - Last synced at: 19 days ago - Pushed at: 19 days ago - Stars: 1 - Forks: 0

gmh5225/CallMeWin32kDriver
Load your driver like win32k.sys
Language: C++ - Size: 23.4 KB - Last synced at: about 23 hours ago - Pushed at: over 2 years ago - Stars: 252 - Forks: 74

memN0ps/matrix-rs 📦
Rusty Hypervisor - Windows Kernel Blue Pill Type-2 Hypervisor in Rust (Codename: Matrix)
Language: Rust - Size: 2.58 MB - Last synced at: 3 days ago - Pushed at: 10 months ago - Stars: 272 - Forks: 31

Idov31/Nidhogg
Nidhogg is an all-in-one simple to use windows kernel rootkit.
Language: C++ - Size: 723 KB - Last synced at: 23 days ago - Pushed at: 23 days ago - Stars: 1,940 - Forks: 283

guill777/ElfDoor-gcc
ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.
Language: C - Size: 519 KB - Last synced at: 24 days ago - Pushed at: 24 days ago - Stars: 0 - Forks: 0

malefax/Adrishya
Author of Project Adrishya a rootkit which use ftrace mechanism to hook syscall; (write this because God commanded me); work for both x86_64 and arm; CREDIT-(Oleksii Lozovskyi{ilammy})FOUNDER OF FTRACE HOOKING
Language: C - Size: 488 KB - Last synced at: 26 days ago - Pushed at: 26 days ago - Stars: 7 - Forks: 0

jussihi/SMM-Rootkit
SMM rootkit similar to LoJax or MosaicRegressor
Language: C - Size: 214 KB - Last synced at: 4 days ago - Pushed at: over 1 year ago - Stars: 117 - Forks: 28

m0nad/Diamorphine
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
Language: C - Size: 28.3 KB - Last synced at: 28 days ago - Pushed at: over 1 year ago - Stars: 1,979 - Forks: 450

mrexodia/TitanHide
Hiding kernel-driver for x86/x64.
Language: C - Size: 842 KB - Last synced at: about 1 month ago - Pushed at: 3 months ago - Stars: 2,260 - Forks: 431

Cr4sh/s6_pcie_microblaze
PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info
Language: C - Size: 38.4 MB - Last synced at: about 1 month ago - Pushed at: 12 months ago - Stars: 786 - Forks: 158

Idov31/Jormungandr
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
Language: C++ - Size: 48.8 KB - Last synced at: 30 days ago - Pushed at: over 1 year ago - Stars: 225 - Forks: 27

bytecode77/r77-rootkit
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
Language: C - Size: 5.08 MB - Last synced at: about 1 month ago - Pushed at: about 2 months ago - Stars: 1,877 - Forks: 426

0xbitx/DEDSEC_ZIPHITE
Linux-based tool that injects covert malicious code into a legitimate Python script.
Size: 2.45 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 1

mav8557/Father
LD_PRELOAD rootkit
Language: C - Size: 47.9 KB - Last synced at: 29 days ago - Pushed at: about 1 year ago - Stars: 131 - Forks: 32

adamhlt/Basic-Rootkit
POC Ring3 Windows Rootkit (x86 / x64) - Hide processes and files
Language: C++ - Size: 788 KB - Last synced at: 5 days ago - Pushed at: almost 2 years ago - Stars: 55 - Forks: 19

tkmru/awesome-linux-rootkits
a summary of linux rootkits published on GitHub
Size: 3.91 KB - Last synced at: 5 days ago - Pushed at: about 5 years ago - Stars: 176 - Forks: 22

nurupo/rootkit
Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64
Language: C - Size: 25.4 KB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 798 - Forks: 202

DualHorizon/blackpill
A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs
Language: Rust - Size: 282 KB - Last synced at: about 1 month ago - Pushed at: 4 months ago - Stars: 279 - Forks: 33

Gui774ume/ebpfkit-monitor
ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
Language: C - Size: 168 KB - Last synced at: about 1 month ago - Pushed at: about 2 years ago - Stars: 128 - Forks: 17

flashnuke/mod-rootkit
Kernel-space x86_64 Linux rootkit leveraging kprobes and ftrace for syscall hooking (hiding entries and reverse shell backdoor)
Language: C - Size: 161 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 7 - Forks: 0

rickmark/mojo_thor
Research about malware that infects the EFI and SMC of Apple MacBooks.
Language: Assembly - Size: 144 MB - Last synced at: 30 days ago - Pushed at: about 1 month ago - Stars: 57 - Forks: 12

xl7dev/WebShell
Webshell && Backdoor Collection
Language: PHP - Size: 23.4 MB - Last synced at: about 1 month ago - Pushed at: about 5 years ago - Stars: 1,877 - Forks: 1,035

theSecHunter/Hades-Windows
Hades HIDS/HIPS for Windows
Language: C++ - Size: 484 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 278 - Forks: 92

gmh5225/kli-ex
Expanding Kernel Lazy Importer
Language: C++ - Size: 118 KB - Last synced at: about 23 hours ago - Pushed at: about 2 years ago - Stars: 31 - Forks: 8

skyw4tch3r/RootKits-List-Download
This is the list of all rootkits found so far on github and other sites.
Size: 24.4 KB - Last synced at: about 1 month ago - Pushed at: about 2 years ago - Stars: 1,310 - Forks: 384

h3xduck/Umbra
A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
Language: C - Size: 190 MB - Last synced at: about 1 month ago - Pushed at: over 3 years ago - Stars: 123 - Forks: 28

h3xduck/TripleCross
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
Language: C - Size: 86.4 MB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 1,830 - Forks: 230

0xbitx/DEDSEC_BOTNET
Linux-based botnet builder designed for creating advanced botnet payloads.
Size: 11.9 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 75 - Forks: 12

JKornev/hidden
🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc
Language: C - Size: 665 KB - Last synced at: about 1 month ago - Pushed at: almost 3 years ago - Stars: 1,889 - Forks: 496

gmh5225/FakeEnclave
A poc that abuses Enclave
Language: C++ - Size: 12.7 KB - Last synced at: about 23 hours ago - Pushed at: over 2 years ago - Stars: 38 - Forks: 8

Kareasst/Simple-RunPE-Process-Hollowing
The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.
Language: C# - Size: 221 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 2 - Forks: 0

XaFF-XaFF/Cronos-Rootkit
Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
Language: C++ - Size: 10.6 MB - Last synced at: about 1 month ago - Pushed at: about 3 years ago - Stars: 899 - Forks: 185

0xflux/Ferric-Fox
A windows 11 rootkit in Rust
Language: Rust - Size: 24.4 KB - Last synced at: about 1 month ago - Pushed at: about 2 months ago - Stars: 7 - Forks: 1

MatheuZSecurity/UnhookingLinuxEdr
Attacking the cleanup_module function of a kernel module
Size: 11.7 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 1 - Forks: 0

hiteshd/Android-Rootkit
A rootkit for Android. Based on "Android platform based linux kernel rootkit" from Phrack Issue 68
Language: C - Size: 225 KB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 265 - Forks: 103

rphang/evilBPF
Weaponizing the Linux Kernel (Hide Files/PID, SSH backdoors, SSL Sniffer, ...) by poking around eBPF/XDP
Language: C - Size: 1.8 MB - Last synced at: about 1 month ago - Pushed at: 8 months ago - Stars: 50 - Forks: 13

ngn13/shrk
LKM rootkit for modern kernels, with DNS C2 and a simple web interface
Language: C - Size: 898 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 66 - Forks: 9

screetsec/Vegile
This tool sets up your backdoor/rootkits. When the backdoor is already set up, it will hide your specific process, make your session in Metasploit unlimited, and be transparent. Even when it is killed, it will re-run again. There will always be a process which runs another process, so we can assume that this process is unstoppable like a Ghost in the Shell
Language: Shell - Size: 48.8 KB - Last synced at: about 1 month ago - Pushed at: over 2 years ago - Stars: 722 - Forks: 164

linuxthor/rkspotter
Rootkit spotter - experimental Linux rootkit finder LKM
Language: C - Size: 86.9 KB - Last synced at: 26 days ago - Pushed at: over 4 years ago - Stars: 28 - Forks: 1

MatheuZSecurity/Imperius
Make a Linux Kernel rootkit visible again.
Language: C - Size: 24.4 KB - Last synced at: about 1 month ago - Pushed at: 2 months ago - Stars: 49 - Forks: 5

MatheuZSecurity/ModTracer
ModTracer finds hidden Linux Kernel rootkits and then makes them visible again.
Language: C - Size: 36.1 KB - Last synced at: about 1 month ago - Pushed at: 2 months ago - Stars: 73 - Forks: 10

kkent030315/NtSymbol
Resolve DOS MZ executable symbols at runtime
Language: C++ - Size: 32.2 KB - Last synced at: 2 days ago - Pushed at: over 3 years ago - Stars: 95 - Forks: 24

Idov31/NidhoggScript
NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
Language: C++ - Size: 102 KB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 46 - Forks: 9

jivoi/openssh-backdoor-kit
:bomb: just for fun ¯\_(ツ)_/¯
Language: Shell - Size: 15.5 MB - Last synced at: 30 days ago - Pushed at: over 8 years ago - Stars: 264 - Forks: 101

x86byte/Stuxnet-Rootkit
Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis
Language: C - Size: 103 KB - Last synced at: 3 days ago - Pushed at: 8 months ago - Stars: 52 - Forks: 12

UEFI-code/WindowsDanger
A REALLY Danger Windows Driver, Turn Any threads Ring0!
Language: C - Size: 98.6 MB - Last synced at: about 1 month ago - Pushed at: about 2 months ago - Stars: 7 - Forks: 3

landhb/HideProcess
A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
Language: C - Size: 6.85 MB - Last synced at: about 1 month ago - Pushed at: about 6 years ago - Stars: 665 - Forks: 116

loneicewolf/EXEC_LKM
An LKM (Loadable Kernel Module) to execute a command as root; I include an example of using netcat and a compiled (with source and steps on how to compile) reverse shell provided in C.
Language: C - Size: 338 KB - Last synced at: about 1 month ago - Pushed at: 7 months ago - Stars: 16 - Forks: 5

ashwani15upadhyay/Mandragora
Mandragora is a magical plant known for its anthropomorphic roots and powerful properties in alchemy and folklore. Believed to scream when uprooted and possess mystical qualities, Mandragora has a rich history in various cultures around the world.
Size: 1000 Bytes - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

assarbad/Nidhogg Fork of Idov31/Nidhogg
Nidhogg is an all-in-one simple to use rootkit for red teams.
Language: C++ - Size: 720 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 7 - Forks: 1

Tastortist/Simple-RunPE-Process-Hollowing
The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.
Language: C# - Size: 229 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 2 - Forks: 0

tasket/Qubes-VM-hardening
Fend off malware at Qubes VM startup
Language: Shell - Size: 136 KB - Last synced at: about 1 month ago - Pushed at: about 2 years ago - Stars: 74 - Forks: 11

JopjeKnopje/c_hooks
LD_PRELOAD "Rootkit" showcase
Language: C - Size: 34.2 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0

UsboKirishima/0
An advanced keylogger with both kernel and userspace mode support. Implements stealth functionality and netlink socket communication.
Language: C - Size: 34.2 KB - Last synced at: about 1 month ago - Pushed at: 6 months ago - Stars: 5 - Forks: 0

3itch/icekit
I/O Cache-As-Ram + AMD x86_64 cache line locking | Mirror of https://codeberg.org/3itch/icekit
Language: C - Size: 44.9 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 8 - Forks: 0

uraninite/stuxnet
Stuxnet is an extremely sophisticated computer worm that exploits multiple previously unknown Windows zero-day vulnerabilities to infect computers and spread. Its purpose was not just to infect PCs but to cause real-world physical effects. Specifically, it targets centrifuges used to produce the enriched uranium that powers nuclear weapons and reactors.
Language: Assembly - Size: 7.35 MB - Last synced at: about 1 month ago - Pushed at: about 3 years ago - Stars: 62 - Forks: 24

leozin6/WebShell
Web Shell Detector is a PHP script designed to identify PHP, CGI (Perl), ASP/ASPX shells. It uses a "web shells" signature database to detect shells with up to 99% accuracy. The tool features a lightweight and user-friendly interface built with modern JavaScript and CSS technologies.
Language: PHP - Size: 2.27 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0

rafael-santiago/kook
A syscall hooking system for FreeBSD, NetBSD and also Linux.
Language: C - Size: 40 KB - Last synced at: about 1 month ago - Pushed at: over 3 years ago - Stars: 17 - Forks: 4

0xbekoo/SSDT-Hooking
The project uses SSDT Hooking to bypass security checks during driver loading by hooking NtLoadDriver and modifying the PreviousMode flag.
Language: C - Size: 74.2 KB - Last synced at: 2 months ago - Pushed at: 3 months ago - Stars: 3 - Forks: 0

kryyyaaaa/golang-rootkit
rootkit written in golang
Language: Go - Size: 30.3 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 1

therealdreg/lsrootkit
Rootkit Detector for UNIX
Language: C - Size: 121 KB - Last synced at: about 1 month ago - Pushed at: almost 2 years ago - Stars: 61 - Forks: 20

mrg0ne/kld-rootkit
A collection of FreeBSD rootkit kernel modules and utilities
Language: C - Size: 114 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 5 - Forks: 1

paulveillard/cybersecurity-malware
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Malware, Rootkits, and botnets in Cybersecurity.
Size: 13.1 MB - Last synced at: about 2 months ago - Pushed at: about 2 years ago - Stars: 10 - Forks: 2

kaIIsyms/ring
ring0 rootkit
Language: C - Size: 48.8 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

MatheuZSecurity/detect-lkm-rootkit-cheatsheet
Cheat sheet to detect and remove linux kernel rootkit
Size: 1.04 MB - Last synced at: 3 months ago - Pushed at: 5 months ago - Stars: 47 - Forks: 11
