• Linux Rootkits: New Methods for Kernel 5.7+
  • Fancy Bear's a Lumberjack and It's Okay - A Dive into the Kernel Component of Drovorub
  • Bleeding Tooth Deep Dive
  • Linux Rootkits Part 9: Hiding Logged In Users (Modifying File Contents Without Touching Disk)
  • Linux Rootkits Part 8: Hiding Open Ports
  • Linux Rootkits Part 7: Hiding Processes
  • Privileged Container Escapes with Kernel Modules
  • Linux Rootkits Part 6: Hiding Directories
  • Linux Rootkits Part 5: Hiding Kernel Modules from Userspace
  • Linux Rootkits Part 4: Backdooring PRNGs by Interfering with Char Devices
  • Linux Rootkits Part 3: A Backdoor to Root
  • Linux Rootkits Part 2: Ftrace and Function Hooking
  • Linux Rootkits Part 1: Introduction and Workflow