Mirror of https://github.com/milabs/awesome-linux-rootkits.git (synced 2024-10-01 06:35:44 -04:00)
awesome-linux-rootkits
🔑 feature table
Environment:
- CPU architecture
- Kernel/User mode (or mixed)
Core capabilities:
- Persistency
- Management interface
Stealth capabilities:
- Detection evasion
- System logs cleaning (filtering)
Hiding stuff capabilities:
- Hiding of files and directories
- Hiding of processes and process trees
- Hiding of network connections and activity
- Hiding of process accounting information (like CPU usage)
Additional functions:
- Keylogger
- Backdoor/shell
🙈 user mode rootkits 💩
- https://github.com/mempodippy/vlany
  Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
🙉 kernel mode rootkits ❤️
- https://github.com/f0rb1dd3n/Reptile
  Reptile is a LKM rootkit written for evil purposes that runs on Linux kernel 2.6.x/3.x/4.x
  backdoor
- https://github.com/QuokkaLight/rkduck
  rkduck - Rootkit for Linux v4
  keylogger, backdoor
- https://github.com/mncoppola/suterusu
  An LKM rootkit targeting Linux 2.6/3.x on x86, and ARM
- https://github.com/m0nad/Diamorphine
  LKM rootkit for Linux Kernels 2.6.x/3.x/4.x (x86 and x86_64)