• Stars: 323
• Rank 130,051 (Top 3 %)
• Language: C
• Created about 11 years ago
• Updated over 7 years ago

Repository Details

POSIX Function tracing

ftrace

More Repositories

1. libelfmaster (C, 403 stars)
   Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools

2. skeksi_virus (C, 221 stars)
   Devastating and awesome Linux X86_64 ELF Virus

3. ecfs (C, 219 stars)
   extended core file snapshot format

4. maya (C, 151 stars)
   Highly advanced Linux anti-exploitation and anti-tamper binary protector for ELF.

5. dsym_obfuscate (C, 134 stars)
   Obfuscates dynamic symbol table

6. saruman (C, 126 stars)
   ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)

7. kdress (C, 121 stars)
   Transform vmlinuz into a fully debuggable vmlinux that can be used with /proc/kcore

8. binflow (C++, 107 stars)
   This is the new ftrace (https://github.com/elfmaster/ftrace) - Much faster, better resolution but not complete yet! :)

9. dt_infect (C, 106 stars)
   ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD

10. sherlocked (Objective-C, 102 stars)
    Universal script packer-- transforms any type of script into a protected ELF executable, encrypted with anti-debugging.

11. linker_preloading_virus (C, 58 stars)
    An example of hijacking the dynamic linker with a custom interpreter that loads and executes modular viruses

12. taskverse (C, 56 stars)
    A tool like /bin/ps but uses /proc/kcore for walking the tasklist; this finds hidden processes

13. libelfmaster_examples (C, 37 stars)
    Simple ELF tools written to demonstrate libelfmaster capabilities.

14. kprobe_rootkit (C, 35 stars)
    Linux kernel rootkit using kprobes (From http://phrack.org/issues/67/6.html)

15. ecfs_exec (C, 34 stars)
    Be able to execute memory snapshots so they can start running where they left off.

16. static_binary_mitigations (C, 32 stars)
    relros.c applies RELRO to static binaries, and static_to_dyn.c applies ASLR to static binaries.

17. shiva (Roff, 29 stars)
    Shiva is a programmable dynamic linker for loading ELF microprograms

18. davinci (C, 26 stars)
    Transforms any file into a protected ELF executable

19. scop_virus_paper (C, 14 stars)
    ELF Virus infection techniques that work with SCOP (Secure code partitioned) executables

20. fork_trace (C++, 10 stars)

21. avu32 (C, 8 stars)
    anti virus 32bit. my first attempt (in 2008) to write prototype for detecting/disinfecting unix ELF viruses

22. canaryism (C, 6 stars)
    Canaryism will tell you which functions are protected with gcc stack canaries

23. packt_book (C, 6 stars)

24. interpx_documentation (4 stars)

25. shiva_blogposts (3 stars)
    Multiple blogposts are maintained here.

26. shiva_presentations (2 stars)

27. unix_virus_anniversary (2 stars)

28. veriexec.linux (C, 2 stars)
    Veriexec implementation for Linux

29. poetry (1 star)
    Transcribing my poetry from 19yrs ago