Daniel Roberson

XORDDOS malware

0001-01-01

XORDDOS malware targets Linux system with an intent of using compromised hosts as a DDoS botnet.

XoRDDoS is named due to its heavy usage of XOR in its command and control protocol and within its code.

Recent Posts

Linux Persistence: atd

2025-04-01 DFIR CTF linux persistence at atd

Linux Persistence: SSH

2025-03-29 DFIR CTF SSH hardening hunting persistence linux persistence hunting hardening SSH PAM

Linux Hardening: SSH

2025-03-06 DFIR SSH hardening linux hardening SSH PAM

Linux Anti-Forensics: Timestomping

2025-03-05 DFIR linux anti-forensics

Finding Bad with Linux Package Managers

2025-03-03 DFIR linux persistence