Fundamentals of Linux Implant Development
Complexity under the RE Microscope
This is in progress; looking for good resources and activities.