🏴☠️ Hacking and Exploitation
Trace And Rewrite Delays In Syscalls: Hooking time-related Linux syscalls to warp a process's perspective of time, using ptrace.
Inject a shared library (i.e. arbitrary code) into a live Linux process, without ptrace
Library for injecting a shared library into a Linux or Windows process
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
A collection of links related to Linux kernel security and exploitation
A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29
⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
A collection of various awesome lists for hackers, pentesters and security researchers
Tool for injecting a shared object into a Linux process
A simple Python library for manipulating Linux processes.
An LKM rootkit targeting Linux 2.6/3.x on x86(_64), and ARM
Collection of malware source code for a variety of platforms in an array of different programming languages.
Enumerating and removing kernel callbacks using signed vulnerable drivers
Hook system calls, context switches, page faults and more.
Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
Proof-of-concept memory anti-forensic toolkit designed for hiding various artifacts inside the memory dump during memory acquisition on the Microsoft Windows operating system
Proof-of-concept Windows driver for injecting a DLL into user-mode processes using APC
Offensive Software Exploitation Course
HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
This map lists the essential techniques to bypass anti-virus and EDR
Driver loader for bypassing Windows x64 Driver Signature Enforcement
Black Angel is a Windows 11/10 x64 kernel mode rootkit. The rootkit can be loaded with DSE enabled while maintaining its full functionality.