LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
-
Updated
Sep 20, 2023 - C
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
awesome-linux-rootkits
Utility to find hidden Linux kernel modules
An example rootkit that gives a userland process root permissions
A rootkit for Android.
A quick LKM rootkit that executes a reverse TCP netcat shell with root privileges.
64-bit LKM Rootkit builder based on yaml prescription. Working on 5.15.5 kernel
Ftrace Based Linux Loadable Kernel Module Rootkit for Linux Kernel 5.x and 6.x on x86_64, hides files, hides process, hides bind shell & reverse shell port, privilege escalation, cleans up logs and bash history during installation
A LKM (Loadable Kernel Module) to execute a command as root; I include a example of using netcat and a compiled(with source and steps on how to compile) reverse shell provided in C.
A ring0 Loadable Kernel Module (Linux) to log all commnds run on the system.
LKM rootkit for modern kernels, with DNS C2 and a simple web interface
Linux Loadable Kernel Module Rootkit for Linux Kernel 5.x and 6.x on x86_64, hides files, hides process, hides bind shell & reverse shell port, privilege escalation, cleans up logs and bash history during installation
Examples on Linux Kernel Modules Hacking
A small introduction to lkm.
HiddenGhost is an new solution for find system call table with support for 5.7x kernels +
Rootkit for x64 Linux leveraging only native kernel features.
Add a description, image, and links to the lkm-rootkit topic page so that developers can more easily learn about it.
To associate your repository with the lkm-rootkit topic, visit your repo's landing page and select "manage topics."