shadow-box-for-x86
Kernel protector
A lightweight kernel protector for x86 systems using hypervisor-based isolation and security monitoring.
Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)
184 stars
23 watching
46 forks
Language: C
last commit: over 5 years ago bevxblackhathitbsecconfhypervisorkernellinuxrootkit
Related projects:
| Repository | Description | Stars |
|---|---|---|
 anthraxx/linux-hardened | A minimal Linux kernel hardening project | 574 |
 tschaffter/raspberry-pi-kernel-hardened | A tool to build hardened versions of the Linux kernel for Raspberry Pi with enhanced security support. | 23 |
 m0nad/diamorphine | A Linux kernel module designed to create a stealthy backdoor and hide processes or users from system administrators. | 1,865 |
 spencerdodd/kernelpop | Automated framework for discovering and exploiting kernel vulnerabilities on Linux and macOS. | 687 |
 kungia09/bangcle | Protects Android apps from malicious activities by hardening and encrypting them using dynamic loading of encrypted dex files. | 389 |
 a13xp0p0v/kernel-hardening-checker | Tools for analyzing and hardening the security of Linux kernels | 1,711 |
 eversinc33/banshee | A Windows kernel rootkit with anti-rootkit evasion features and keylogging capabilities. | 502 |
 steven2358/kmbox | A collection of MATLAB programs implementing kernel-based algorithms for nonlinear signal processing and machine learning. | 52 |
| steven2358/kafbox | A Matlab toolbox for implementing kernel-based adaptive filtering algorithms. | 94 |
 cohdjn/cisecurity | Automates Linux hardening to conform to Center for Internet Security Benchmark standards | 9 |
 knurling-rs/flip-link | Protects embedded programs from stack overflows by flipping the memory layout to prevent collisions with static variables. | 289 |
 stiletto/angrymlocker | A tool to prevent processes from being swapped out of memory | 13 |
 buffer/libemu | A tool for analyzing and executing x86 binary code | 148 |
 didi/kemon | A framework for monitoring and controlling kernel activity on macOS | 385 |
| a13xp0p0v/linux-kernel-defence-map | A graphical representation of Linux kernel security concepts and their relationships | 1,784 |