A rootkit is software, usually malicious in nature, designed to provide surreptitious access to a computer system and hide the presence of the attacker.
Links to this note
- attribution-steffens2020
- diamorpinecryptominer-anyrun2025
- Curing rootkit
- io_uringblindspotrootkits-toulas2025
- boopkit
- Linux Persistence: Rootkits
- t0rn rootkit
- kernelinstrumentationusingkprobes-elfmaster2010
- Basilisk
- hidden kernel module
- kernel patch
- kernel rootkit
- ModTracer
- artoflinuxkernelrootkit-tmpout4-matheuzsec_humzak711
- Linux Persistence: Processes
- suterusu
- Defanging Linux LKM Rootkits With cleanup_module()
- prevent LKM unloading with rmmod
- reference count to avoid LKM removal
- kprobe rootkits
- phalanx rootkit
- UnhookingLinuxEdr
- unhookinglinuxedrs-matheuzsecurity2025
- KoviD
- leveragingldaudittobeatldpreload-ribak2020
- rkspotter
- Linux Persistence: SSH
- binary replacement rootkit
- anatomyofreallinuxintrusion_mitmhoneypot-alonso2016
- hiddenwasp-intezer2019
- knockknock-osxreverser2021
- symbiote-kennedy2022
- incidentresponse-luttgens2014
- rootkit detection
- tricephalichellkeeper-pourcelot2022
- anatomyofreallinuxintrusion-alonso2016
- bvp47-pangulab2022
- trackingteamtnt-fiser2021
- unveiling wolfsbane-sperka2024
- hiddenkernelmodulesextremwayreborn_g1inko2024
- System.map
- taskverse
- adore
- borges2021
- hooks
- Jynx rootkit
- pamgoesrogue-sharma2003
- rootkits hiding CPU usage
- linuxapts-great2020
- baines2016
- /etc/ld.so.preload persistence
- Azazel rootkit
- bdvl
- BEURK
- Diamorphine
- LD_PRELOAD
- libprocesshider
- LKM rootkit
- Reptile rootkit
- rkhunter
- rootkits hide network traffic
- shell function as userland rootkit
- shellgame
- Skidmap malware
- Symbiote
- userland rootkit
- vlany
- WolfsBane Hider rootkit