
keysniffer - Linux kernel mode debugfs keylogger

  •    C

A Linux kernel module to grab keys pressed on the keyboard, or a keylogger. keysniffer was initially written with the US keyboard (and conforming laptops) in mind. By default it shows human-readable strings for the keys pressed. Optionally, the keycode shift_mask pair can be printed in hex or decimal. You can look up the keycodes in /usr/include/linux/input-event-codes.h.

rootkit - Linux rootkit for Ubuntu 16

  •    C

A simple Linux kernel rootkit written for fun, not evil. The rootkit was tested to work on Linux kernels 2.6.32-38 and 4.4.0-22 as provided by Ubuntu in Ubuntu 10.04.4 LTS and Ubuntu 16.04 LTS respectively, but it should be very easy to port to kernels in-between, as well as newer ones.

HiddenWall - Tool to generate a Linux kernel module for custom rules with Netfilter hooking. (block ports, Hidden mode, rootkit functions etc)

  •    C

HiddenWall is a Linux kernel module generator for custom rules with netfilter (block ports, hidden mode, rootkit functions, etc.). The motivation: in a bad situation, an attacker can bring down your iptables/ufw, but if you have HiddenWall, the attacker will not find the hidden kernel module that blocks external access, because it hooks netfilter in kernel land (think of it as a second layer for the firewall).

dev-cyber - Not the device we need, but the one we deserve

  •    C

Not the device we need, but the one we deserve. /dev/cyber is just as easy to use as all your other favorite devices like /dev/zero or /dev/random. (Although it is MUCH more secure!) The following examples show how to use /dev/cyber for maximum effect.

kmod - A Linux kernel module written in Rust

  •    Rust

The kernel module can be found in ./target/kernel/kmod.ko.

binfmt_mysc - Direct execution of interpreted binaries on Linux

  •    C

My partial reimplementation of binfmt_misc made at HackBeanpot 2016 which enables direct execution of interpreted binaries on Linux.

sgx-emulator - An Emulator and SDK for Intel SGX extension

  •    C++

(Alternatively, you can also run make in the second line.) This demo shows a simple enclave program that computes SHA-1 (a cryptographic hash, from OpenSSL) inside the enclave.