awesome-linux-rootkits
Ilya V. Matveychikov 23c95e7c68
Update rkduck.md
2018-07-04 13:49:08 +04:00
details Update rkduck.md 2018-07-04 13:49:08 +04:00
README.md Update README.md 2018-07-03 00:07:05 +04:00

awesome-linux-rootkits

🔑 feature table

Environment:

  • CPU architecture
  • Kernel/User mode (or mixed)

Core capabilities:

  • Persistency
  • Management interface
  • Altering system (library) behaviour

Stealth capabilities:

  • Detection evasion
  • System logs cleaning (filtering)

Hiding stuff capabilities:

  • Hiding of files and directories
  • Hiding (tampering) of file contents
  • Hiding of processes and process trees
  • Hiding of network connections and activity
  • Hiding of process accounting information (like CPU usage)

Additional functions:

  • Keylogger
  • Backdoor/shell
  • Gaining privileges

🙈 user mode rootkits

🙉 kernel mode rootkits