arm64_silent_syscall_hook vs r77-rootkit

arm64_silent_syscall_hook

silent syscall hooking without modifying sys_call_table/handlers via patching exception handler (by 3intermute)

r77-rootkit

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc. (by bytecode77)

rootkit fileless av-evasion

Source Code

bytecode77.com

Suggest alternative

Edit details

InfluxDB - Power Real-Time Data Analytics at Scale

Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

www.influxdata.com

featured

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

featured

arm64_silent_syscall_hook		r77-rootkit
	Project
1	Mentions	1
95	Stars	1,501
-	Growth	-
0.0	Activity	5.6
over 1 year ago	Latest Commit	14 days ago
C	Language	C
-	License	BSD 2-clause "Simplified" License

The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

arm64_silent_syscall_hook

Posts with mentions or reviews of arm64_silent_syscall_hook. We have used some of these posts to build our list of alternatives and similar projects.

syscall hooking on arm64 via hooking exception handler
1 project | /r/lowlevel | 29 Apr 2022

r77-rootkit

Posts with mentions or reviews of r77-rootkit. We have used some of these posts to build our list of alternatives and similar projects.

$sxr-powershell.exe
1 project | /r/computerviruses | 16 Mar 2023

It could be this rootkit: https://github.com/bytecode77/r77-rootkit

What are some alternatives?

When comparing arm64_silent_syscall_hook and r77-rootkit you can also consider the following projects:

capstone - Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings. [Moved to: https://github.com/capstone-engine/capstone]

TitanHide - Hiding kernel-driver for x86/x64.

WSAAcceptBackdoor - Winsock accept() Backdoor Implant.

Diamorphine - LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

Stuxnet-Source - stuxnet Source & Binaries. (+PLC ROOTKIT) ONLY FOR ACADEMICAL RESEARCH AND EDUCATIONAL PURPOSES! Includes: Source files, Binaries, PLC Samples,Fanny Added in another repo.

ebpfkit - ebpfkit is a rootkit powered by eBPF

ebpfkit-monitor - ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits

TripleCross - A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.