├── .vscode └── settings.json ├── README.md ├── module01 ├── .vscode │ └── tasks.json ├── Makefile └── helloworld.c ├── module02 ├── .vscode │ └── tasks.json ├── Makefile └── helloworld.c ├── module03 ├── .vscode │ ├── ipch │ │ ├── 3a227f7b4ea1e547 │ │ │ ├── exit.ipch │ │ │ └── mmap_address.bin │ │ └── 97375d4bcec1856a │ │ │ ├── main.ipch │ │ │ └── mmap_address.bin │ └── tasks.json ├── Makefile ├── exit.c └── main.c ├── module04 ├── .vscode │ ├── ipch │ │ └── 81b6fce00c4f8bc1 │ │ │ └── mmap_address.bin │ └── tasks.json ├── Makefile ├── exit.c ├── foo ├── functs.h └── main.c ├── module05_hooking_sysread ├── .vscode │ └── tasks.json ├── Makefile ├── main.c └── main.o.ur-safe ├── module06_hooking_sysopen ├── .cache.mk ├── .vscode │ └── tasks.json ├── Makefile ├── main.c ├── main.o.ur-safe └── testfile ├── module07_hooking_getdents ├── .vscode │ └── tasks.json ├── Makefile ├── main.c ├── main.o.ur-safe ├── secretfile.txt └── testfile ├── module08_hooking_getdents_hidePIDs ├── .vscode │ └── tasks.json ├── Echo.c ├── Makefile ├── echo ├── main.c ├── main.o.ur-safe ├── secretfile.txt └── testfile ├── module09_hooking_syscall_connect ├── .vscode │ └── tasks.json ├── Echo.c ├── Makefile ├── echo ├── main.c ├── main.o.ur-safe ├── secretfile.txt └── testfile ├── module10_hooking_syscall_connect_redirect ├── .vscode │ └── tasks.json ├── Echo.c ├── Makefile ├── echo ├── main.c ├── main.o.ur-safe ├── secretfile.txt └── testfile ├── module11_Hooking_execve ├── .vscode │ └── tasks.json ├── Makefile ├── main.c └── main.o.ur-safe ├── module12_Hooking_execve_altercmd ├── .vscode │ └── tasks.json ├── Makefile ├── main.c └── main.o.ur-safe └── module13_Hooking_SyscallRead_Keylogger ├── .vscode └── tasks.json ├── Makefile ├── main.c └── main.o.ur-safe /.vscode/settings.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/.vscode/settings.json -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/README.md -------------------------------------------------------------------------------- /module01/.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module01/.vscode/tasks.json -------------------------------------------------------------------------------- /module01/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module01/Makefile -------------------------------------------------------------------------------- /module01/helloworld.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module01/helloworld.c -------------------------------------------------------------------------------- /module02/.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module02/.vscode/tasks.json -------------------------------------------------------------------------------- /module02/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module02/Makefile -------------------------------------------------------------------------------- /module02/helloworld.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module02/helloworld.c -------------------------------------------------------------------------------- /module03/.vscode/ipch/3a227f7b4ea1e547/exit.ipch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module03/.vscode/ipch/3a227f7b4ea1e547/exit.ipch -------------------------------------------------------------------------------- /module03/.vscode/ipch/3a227f7b4ea1e547/mmap_address.bin: -------------------------------------------------------------------------------- 1 | Xw -------------------------------------------------------------------------------- /module03/.vscode/ipch/97375d4bcec1856a/main.ipch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module03/.vscode/ipch/97375d4bcec1856a/main.ipch -------------------------------------------------------------------------------- /module03/.vscode/ipch/97375d4bcec1856a/mmap_address.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module03/.vscode/ipch/97375d4bcec1856a/mmap_address.bin -------------------------------------------------------------------------------- /module03/.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module03/.vscode/tasks.json -------------------------------------------------------------------------------- /module03/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module03/Makefile -------------------------------------------------------------------------------- /module03/exit.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module03/exit.c -------------------------------------------------------------------------------- /module03/main.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module03/main.c -------------------------------------------------------------------------------- /module04/.vscode/ipch/81b6fce00c4f8bc1/mmap_address.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module04/.vscode/ipch/81b6fce00c4f8bc1/mmap_address.bin -------------------------------------------------------------------------------- /module04/.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module04/.vscode/tasks.json -------------------------------------------------------------------------------- /module04/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module04/Makefile -------------------------------------------------------------------------------- /module04/exit.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module04/exit.c -------------------------------------------------------------------------------- /module04/foo: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /module04/functs.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module04/functs.h -------------------------------------------------------------------------------- /module04/main.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module04/main.c -------------------------------------------------------------------------------- /module05_hooking_sysread/.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module05_hooking_sysread/.vscode/tasks.json -------------------------------------------------------------------------------- /module05_hooking_sysread/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module05_hooking_sysread/Makefile -------------------------------------------------------------------------------- /module05_hooking_sysread/main.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module05_hooking_sysread/main.c -------------------------------------------------------------------------------- /module05_hooking_sysread/main.o.ur-safe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module05_hooking_sysread/main.o.ur-safe -------------------------------------------------------------------------------- /module06_hooking_sysopen/.cache.mk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module06_hooking_sysopen/.cache.mk -------------------------------------------------------------------------------- /module06_hooking_sysopen/.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module06_hooking_sysopen/.vscode/tasks.json -------------------------------------------------------------------------------- /module06_hooking_sysopen/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module06_hooking_sysopen/Makefile -------------------------------------------------------------------------------- /module06_hooking_sysopen/main.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module06_hooking_sysopen/main.c -------------------------------------------------------------------------------- /module06_hooking_sysopen/main.o.ur-safe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module06_hooking_sysopen/main.o.ur-safe -------------------------------------------------------------------------------- /module06_hooking_sysopen/testfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module06_hooking_sysopen/testfile -------------------------------------------------------------------------------- /module07_hooking_getdents/.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module07_hooking_getdents/.vscode/tasks.json -------------------------------------------------------------------------------- /module07_hooking_getdents/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module07_hooking_getdents/Makefile -------------------------------------------------------------------------------- /module07_hooking_getdents/main.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module07_hooking_getdents/main.c -------------------------------------------------------------------------------- /module07_hooking_getdents/main.o.ur-safe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module07_hooking_getdents/main.o.ur-safe -------------------------------------------------------------------------------- /module07_hooking_getdents/secretfile.txt: -------------------------------------------------------------------------------- 1 | Too Many Secrets! 2 | -------------------------------------------------------------------------------- /module07_hooking_getdents/testfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module07_hooking_getdents/testfile -------------------------------------------------------------------------------- /module08_hooking_getdents_hidePIDs/.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module08_hooking_getdents_hidePIDs/.vscode/tasks.json -------------------------------------------------------------------------------- /module08_hooking_getdents_hidePIDs/Echo.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module08_hooking_getdents_hidePIDs/Echo.c -------------------------------------------------------------------------------- /module08_hooking_getdents_hidePIDs/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module08_hooking_getdents_hidePIDs/Makefile -------------------------------------------------------------------------------- /module08_hooking_getdents_hidePIDs/echo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module08_hooking_getdents_hidePIDs/echo -------------------------------------------------------------------------------- /module08_hooking_getdents_hidePIDs/main.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module08_hooking_getdents_hidePIDs/main.c -------------------------------------------------------------------------------- /module08_hooking_getdents_hidePIDs/main.o.ur-safe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module08_hooking_getdents_hidePIDs/main.o.ur-safe -------------------------------------------------------------------------------- /module08_hooking_getdents_hidePIDs/secretfile.txt: -------------------------------------------------------------------------------- 1 | Too Many Secrets! 2 | -------------------------------------------------------------------------------- /module08_hooking_getdents_hidePIDs/testfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module08_hooking_getdents_hidePIDs/testfile -------------------------------------------------------------------------------- /module09_hooking_syscall_connect/.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module09_hooking_syscall_connect/.vscode/tasks.json -------------------------------------------------------------------------------- /module09_hooking_syscall_connect/Echo.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module09_hooking_syscall_connect/Echo.c -------------------------------------------------------------------------------- /module09_hooking_syscall_connect/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module09_hooking_syscall_connect/Makefile -------------------------------------------------------------------------------- /module09_hooking_syscall_connect/echo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module09_hooking_syscall_connect/echo -------------------------------------------------------------------------------- /module09_hooking_syscall_connect/main.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module09_hooking_syscall_connect/main.c -------------------------------------------------------------------------------- /module09_hooking_syscall_connect/main.o.ur-safe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module09_hooking_syscall_connect/main.o.ur-safe -------------------------------------------------------------------------------- /module09_hooking_syscall_connect/secretfile.txt: -------------------------------------------------------------------------------- 1 | Too Many Secrets! 2 | -------------------------------------------------------------------------------- /module09_hooking_syscall_connect/testfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module09_hooking_syscall_connect/testfile -------------------------------------------------------------------------------- /module10_hooking_syscall_connect_redirect/.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module10_hooking_syscall_connect_redirect/.vscode/tasks.json -------------------------------------------------------------------------------- /module10_hooking_syscall_connect_redirect/Echo.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module10_hooking_syscall_connect_redirect/Echo.c -------------------------------------------------------------------------------- /module10_hooking_syscall_connect_redirect/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module10_hooking_syscall_connect_redirect/Makefile -------------------------------------------------------------------------------- /module10_hooking_syscall_connect_redirect/echo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module10_hooking_syscall_connect_redirect/echo -------------------------------------------------------------------------------- /module10_hooking_syscall_connect_redirect/main.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module10_hooking_syscall_connect_redirect/main.c -------------------------------------------------------------------------------- /module10_hooking_syscall_connect_redirect/main.o.ur-safe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module10_hooking_syscall_connect_redirect/main.o.ur-safe -------------------------------------------------------------------------------- /module10_hooking_syscall_connect_redirect/secretfile.txt: -------------------------------------------------------------------------------- 1 | Too Many Secrets! 2 | -------------------------------------------------------------------------------- /module10_hooking_syscall_connect_redirect/testfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module10_hooking_syscall_connect_redirect/testfile -------------------------------------------------------------------------------- /module11_Hooking_execve/.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module11_Hooking_execve/.vscode/tasks.json -------------------------------------------------------------------------------- /module11_Hooking_execve/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module11_Hooking_execve/Makefile -------------------------------------------------------------------------------- /module11_Hooking_execve/main.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module11_Hooking_execve/main.c -------------------------------------------------------------------------------- /module11_Hooking_execve/main.o.ur-safe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module11_Hooking_execve/main.o.ur-safe -------------------------------------------------------------------------------- /module12_Hooking_execve_altercmd/.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module12_Hooking_execve_altercmd/.vscode/tasks.json -------------------------------------------------------------------------------- /module12_Hooking_execve_altercmd/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module12_Hooking_execve_altercmd/Makefile -------------------------------------------------------------------------------- /module12_Hooking_execve_altercmd/main.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module12_Hooking_execve_altercmd/main.c -------------------------------------------------------------------------------- /module12_Hooking_execve_altercmd/main.o.ur-safe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module12_Hooking_execve_altercmd/main.o.ur-safe -------------------------------------------------------------------------------- /module13_Hooking_SyscallRead_Keylogger/.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module13_Hooking_SyscallRead_Keylogger/.vscode/tasks.json -------------------------------------------------------------------------------- /module13_Hooking_SyscallRead_Keylogger/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module13_Hooking_SyscallRead_Keylogger/Makefile -------------------------------------------------------------------------------- /module13_Hooking_SyscallRead_Keylogger/main.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module13_Hooking_SyscallRead_Keylogger/main.c -------------------------------------------------------------------------------- /module13_Hooking_SyscallRead_Keylogger/main.o.ur-safe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SourceCodeDeleted/rootkitdev-linux/HEAD/module13_Hooking_SyscallRead_Keylogger/main.o.ur-safe --------------------------------------------------------------------------------