Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Linux namespaces and seccomp-bpf sandbox

telegram-cli

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and re…

WiFi arsenal

Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.

dtrace for linux - kernel driver and userland tools

The papers and books I've read or am about to read.

IPv6 attack toolkit

Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)

Red-Team LKM

Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools

Devestating and awesome Linux X86_64 ELF Virus

extended core file snapshot format

Highly advanced Linux anti-exploitation and anti-tamper binary protector for ELF.

Firejail DNS-over-HTTPS Proxy Server

ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)

ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD

An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses

linux kernel for Parrot Project

Linux kernel rootkit using kprobes (From http://phrack.org/issues/67/6.html)

Simple ELF tools written to demonstrate libelfmaster capabilities.

Be able to execute memory snapshots so they can start running where they left off.

relros.c applies RELRO to static binaries, and static_to_dyn.c applies ASLR to static binaries.

Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster

ELF Virus infection techniques that work with SCOP (Secure code partitioned) executables

ELF binary virus capable of infecting position independent executables and libraries.