elfmaster

Computer security researcher, reverse engineer, and ELF connoisseur

Arcana ResearchSeattle

Pinned Repositories

binflow
This is the new ftrace (https://github.com/elfmaster/ftrace) - Much faster, better resolution but not complete yet! :)
Language:C++108 14 531
dsym_obfuscate
Obfuscates dynamic symbol table
Language:C133 11 026
dt_infect
ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD
Language:C110 8 319
ecfs
extended core file snapshot format
Language:C222 22 1658
ftrace
POSIX Function tracing
Language:C330 15 5105
kdress
Transform vmlinuz into a fully debuggable vmlinux that can be used with /proc/kcore
Language:C129 12 223
libelfmaster
Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools
Language:C446 34 2364
maya
Highly advanced Linux anti-exploitation and anti-tamper binary protector for ELF.
Language:C158 10 318
saruman
ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
Language:C133 11 144
skeksi_virus
Devestating and awesome Linux X86_64 ELF Virus
Language:C227 17 562

elfmaster's Repositories

elfmaster/libelfmaster
Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools
Language:C446 34 2364
elfmaster/skeksi_virus
Devestating and awesome Linux X86_64 ELF Virus
Language:C227 17 562
elfmaster/ecfs
extended core file snapshot format
Language:C222 22 1658
elfmaster/maya
Highly advanced Linux anti-exploitation and anti-tamper binary protector for ELF.
Language:C158 10 318
elfmaster/dsym_obfuscate
Obfuscates dynamic symbol table
Language:C133 11 026
elfmaster/saruman
ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
Language:C133 11 144
elfmaster/kdress
Transform vmlinuz into a fully debuggable vmlinux that can be used with /proc/kcore
Language:C129 12 223
elfmaster/dt_infect
ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD
Language:C110 8 319
elfmaster/binflow
This is the new ftrace (https://github.com/elfmaster/ftrace) - Much faster, better resolution but not complete yet! :)
Language:C++108 14 531
elfmaster/linker_preloading_virus
An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses
Language:C67 7 07
elfmaster/libelfmaster_examples
Simple ELF tools written to demonstrate libelfmaster capabilities.
Language:C39 6 14
elfmaster/static_binary_mitigations
relros.c applies RELRO to static binaries, and static_to_dyn.c applies ASLR to static binaries.
Language:C33 10 03
elfmaster/shiva
Shiva is a programmable dynamic linker for loading ELF microprograms
Language:Roff30 5 04
elfmaster/scop_virus_paper
ELF Virus infection techniques that work with SCOP (Secure code partitioned) executables
Language:C15 8 01
elfmaster/fork_trace
Language:C++11 2 03
elfmaster/interpx_documentation
4 4 0
elfmaster/shiva_blogposts
Multiple blogposts are maintained here.
3 2 0
elfmaster/veriexec.linux
Veriexec implementation for Linux
Language:C3 3 00
elfmaster/bcc
BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more
Language:Python2 1 0
elfmaster/binutils-gdb
Unofficial mirror of sourceware binutils-gdb repository. Updated daily.
Language:C2 4 01
elfmaster/shiva_presentations
2
elfmaster/unix_virus_anniversary
2 2 0
elfmaster/linux
Linux kernel source tree
Language:C1 1 0
elfmaster/openssh-portable
Portable OpenSSH
Language:C1 1 0
elfmaster/poetry
Transcribing my poetry from 19yrs ago
1 3 0
elfmaster/AgentGPT
🤖 Assemble, configure, and deploy autonomous AI Agents in your browser.
Language:TypeScript1 0
elfmaster/code.mil
An experiment in open source at the Department of Defense.
Language:JavaScript1 0
elfmaster/En14c.github.io
my blog
elfmaster/popcorn-kernel
Popcorn Linux kernel for distributed thread execution
Language:C1 0
elfmaster/seventh_gate
Language:C4 0