- Blogs and Awesomes
- Exploitation
- Fuzzing
- Misc
- Toolchains and Cross-compilation
- Repositories
- Resources
- Rootkits
- Rust
- build linux: short tutorial about building Linux based operating systems.
- How did I approach making linux LKM rootkit, “reveng_rtkit” ?
- Linux kernel programming: code repository for Linux Kernel Programming, published by Packt.
- man pages: manual pages for GNU/Linux
- Linux rootkit series by Xcellerator
- Introduction and Workflow
- Ftrace and Function Hooking
- A Backdoor to Root
- Backdooring PRNGs by Interfering with Char Devices
- Hiding Kernel Modules from Userspace
- Hiding Directories
- Hiding Processes
- Hiding Open Ports
- Hiding Logged In Users (Modifying File Contents Without Touching Disk)
- A Dive into the Kernel Component of Drovorub
- New Methods for Kernel 5.7+
- Writing a simple rootkit for linux
- kasld: collection of various techniques to infer the Linux kernel base virtual address as an unprivileged local user.
- kernel-exploit-factory: Linux kernel CVE exploit analysis report and relative debug environment.
- Linux Exploit Suggester: Linux privilege escalation auditing tool
- Linux Kernel Exploit: links related to Linux kernel exploitation.
- Linux Kernel Exploitation: collection of links related to Linux kernel security and exploitation.
- difuze: fuzzer for Linux Kernel Drivers.
- healer: Kernel fuzzer inspired by Syzkaller.
- Syzkaller: unsupervised coverage-guided kernel fuzzer.
- Clang Built Linux: building the Linux kernel with Clang.
- crash: Linux kernel crash utility
- lowlevelprogramming-university: How to be low-level programmer
- lunatik: framework for scripting the Linux kernel with Lua
- TuxSuite: on-demand APIs and tools for building Linux Kernels.
- vmlinux-to-elf: tool to recover a fully analyzable .ELF from a raw kernel.
- Buildroot: simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation.
- clang: C language family frontend for LLVM.
- Cross-compilation toolchains (Bootlin): large number of ready-to-use cross-compilation toolchains, targetting the Linux operating system on a large number of architectures.
- Dockcross: cross compiling toolchains in Docker images.
- gcc: GNU Compiler Collection.
- Next: next tree
- Rust: rust tree
- RFL-patch-registry: aggregate Rust abstractions for Linux that have not yet been upstreamed.
- Stable: Stable tree
- Torvalds: Linus Torvald tree
- Bootlin courses: Linux related courses from bootlin
- Training material: embedded Linux and kernel training materials.
- Defence Map: relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and defence technologies.
- Elixir: Linux kernel source code cross reference.
- kconfig-hardened-check: tool for checking the security hardening options of the Linux kernel.
- kernel-security-learning: Anything about kernel security.
- Kernel documentation: official linux kernel documentation.
- Kernel map: interactive map of Linux kernel sources.
- kernel.org: linux kernel archives.
- kernelci.org: test system focused on the upstream Linux kernel.
- kernelconfig: Linux kernel configuration entries.
- like-gdb: fully dockerized Linux kernel debugging environment.
- Linux lab: create a Docker and QEMU based Linux development Lab to easier the learning.
- linux-insides: a book about linux kernel and its insides.
- Linux kernel CVEs: Tracking CVEs for the linux Kernel
- Linux Kernel Labs: lectures and labs on Linux Kernel.
- Linux Kernel Module Cheat: emulation setup to study and develop the Linux kernel.
- Linux Kernel Wiki: linux kernel wiki (in chinese)
- Linux Kernel Workshop: learn linux kernel programming.
- Linux Weekly News: site dedicated to producing the best coverage from within the Linux and free software development communities.
- LKFT: Linux Kernel Functional Testing.
- lkmpg: The Linux Kernel Module Programming Guide.
- ltp: Linux Test Project.
- [Mailing Lists]:
- Lore kernel: Linux kernel mailing lists.
- Linux hardening: Linux hardening.
- Kernel Hardening: kernel hardening.
- Lore kernel: Linux kernel mailing lists.
- mebeim: Linux kernel syscall tables.
- syscall.sh: Alternative Linux kernel syscall tables
- 1337kit: 64-bit LKM Rootkit builder based on yaml prescription.
- Awesome Linux Rootkits.
- ebpfkit: ebpfkit is a rootkit powered by eBPF
- brokepkg: LKM rootkit working in Linux Kernels 2.6.x/3.x/4.x/5.x
- Brootus: educational Linux Kernel Rootkit.
- Diamorphine: LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x and ARM64.
- Drovorub: Analysis of Drovorub
- enyelkm: LKM rootkit for Linux x86 with the 2.6 kerne
- KoviD: Kernel rk
- linux-rootkit: Remote Linux Loadable Kernel Module (LKM) rootkit (For Linux Kernels 5.x).
- linux-rootkits: collection of Linux kernel rootkits found across the internet taken and put together.
- Pinkit: LKM rootkit that executes a reverse TCP netcat shell with root privileges.
- Red Blue Teams: Linux Rootkits (4.x Kernel)
- Reptile: LKM Linux rootkit.
- Research rootkit: LibZeroEvil & the Research Rootkit project.
- Reveng_rtkit: Linux Loadable Kernel Module (LKM) based rootkit (ring-0).
- rkduck: Linux v4.x.x Rootkit
- Rootkit: rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64.
- Rootkit list download: list of rootkits (includes also userspace rootkits).
- rootkitkev: Rootkit Development tutorial series.
- Satan: x86 Linux Kernel rootkit for Debian 9
- spy: Linux kernel mode debugfs keylogger.
- Sutekh: rootkit that gives a userland process root permissions.
- TripleCross: Linux eBPF rootkit.
- Getting started: official documentation for getting started with Rust and Linux kernel.
- knock-out: example of a kernel module in Rust.
- out-of-tree: basic template for an out-of-tree Linux kernel module written in Rust.
- Rust for Linux: organization for adding support for the Rust language to the Linux kernel.
- Rust for Linux mailing list: rust for Linux mailing list
- Rust Kernel Programming (blog)