linux-malware
Tracking interesting Linux (and UNIX) malware. Send PRs
### Area
Offensive tools
### Parent threat
Credential Access, Collection
### Finding
https://github.com/SkyperTHC/bpf-keylogger
### Industry reference
uses:eBPF attack:T1417.001:Keylogging
### Malware reference
_No response_
### Actor reference
_No response_
### Component...

### Area
Malware reports
### Parent threat
_No response_
### Finding
https://imgur.com/a/lAQ1tMQ
### Industry reference
HelloBot (by malwaremustdie.org)
### Malware reference
_No response_
### Actor reference
_No response_
### Component...

### Area
Defensive tools
### Parent threat
Defense Evasion
### Finding
https://github.com/Achiefs/fim
### Industry reference
_No response_
### Malware reference
_No response_
### Actor reference
_No response_
### Component
Linux...

### Area
Malware source
### Parent threat
Defense Evasion
### Finding
https://github.com/gianlucaborello/libprocesshider
### Industry reference
uses:ProcessTreeSpoofing attack:T1574.006:Dynamic Linker Hijacking
### Malware reference
libprocesshider
### Actor reference
_No response_
### Component...

### Area
Malware source
### Parent threat
Defense Evasion
### Finding
https://github.com/chenkaie/junkcode/blob/master/xhide.c
### Industry reference
uses:ProcessTreeSpoofing
### Malware reference
XHide
### Actor reference
_No response_
### Component
Linux
### Scenario...

### Area
Defensive techniques
### Parent threat
Defense Evasion
### Finding
https://blog.virustotal.com/2023/12/sigma-rules-for-linux-and-macos_20.html
### Industry reference
_No response_
### Malware reference
_No response_
### Actor reference
_No response_
### Component
Linux...

### Area
Offensive tools
### Parent threat
Persistence
### Finding
https://github.com/MatheuZSecurity/D3m0n1z3dShell
### Industry reference
_No response_
### Malware reference
_No response_
### Actor reference
_No response_
### Component
Linux
###...

### Area
Offensive tools
### Parent threat
Privilege Escalation
### Finding
https://github.com/Frissi0n/GTFONow
### Industry reference
attack:T1548:Abuse Elevation Control Mechanism
### Malware reference
_No response_
### Actor reference
_No response_
###...

### Area
Malware reports
### Parent threat
_No response_
### Finding
https://imgur.com/a/SSKmu
### Industry reference
Rebirth Vulcan (by malwaremustdie.org)
### Malware reference
_No response_
### Actor reference
_No response_
###...

### Area
Defensive tools
### Parent threat
Defense Evasion
### Finding
https://github.com/nikhilh-20/ELFEN
### Industry reference
_No response_
### Malware reference
_No response_
### Actor reference
_No response_
### Component
Linux...