Diamorphine
Kernel backdoor
A Linux kernel module designed to create a stealthy backdoor and hide processes or users from system administrators.
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
2k stars
55 watching
430 forks
Language: C
last commit: about 1 year ago
Linked from 2 awesome lists
advanced-persistent-threatbackdoorchackinghacking-toolkernelkernel-modulelinuxlinux-kernellkm-rootkitmalwarepentestpentestingredteamredteamingrootkitsecuritysecurity-auditsecurity-toolsstealth
uhub/awesome-c
fabacab/awesome-malwareRelated projects:
| Repository | Description | Stars |
|---|---|---|
 h3xduck/triplecross | A Linux rootkit demonstrating the offensive capabilities of eBPF technology using various techniques such as backdoors, C2 channels and code injection. | 1,786 |
 nil0x42/phpsploit | A tool allowing attackers to remotely execute commands and maintain persistence on compromised web servers using stealthy PHP backdoors. | 2,221 |
 zer0mem0ry/kernelreadwritememory | A proof-of-concept project demonstrating kernel-level memory manipulation on Windows NT | 275 |
 mempodippy/vlany | A Linux rootkit designed to evade detection and maintain persistence on compromised systems | 944 |
 spencerdodd/kernelpop | Automated framework for discovering and exploiting kernel vulnerabilities on Linux and macOS. | 687 |
 eversinc33/banshee | A Windows kernel rootkit with anti-rootkit evasion features and keylogging capabilities. | 493 |
 mthbernardes/qmkhuehuebr | A tool to create a backdoor on a keyboard by hijacking screen locking keystrokes and injecting malicious keys into connected computers. | 85 |
 kkamagui/shadow-box-for-x86 | A lightweight kernel protector for x86 systems using hypervisor-based isolation and security monitoring. | 184 |
 paulsec/twittor | A tool that uses Twitter as a covert command and control server for remotely executing commands on compromised systems. | 760 |
 ybdai7/chameleon-durable-backdoor | A federated learning system implementation that enables planting durable backdoors in global models by adapting to peer images. | 32 |
 kaganisildak/malwarescarecrow | A tool designed to make physical devices detectable by malware and create a deceptive environment for evasion techniques. | 379 |
 wahyuhadi/beacon-c2-go | A backdoor tool designed to facilitate remote access and command execution on Windows systems | 38 |
 a13xp0p0v/linux-kernel-defence-map | A graphical representation of Linux kernel security concepts and their relationships | 1,774 |
 strazzere/android-lkms | Provides tools and modules to aid in reversing and debugging Android applications on controlled systems/emulators. | 204 |
 n4sm/m0dern_p4cker | A modern packer for Linux executables that applies various encryption techniques to hide their contents | 42 |