Add links related to loadable kernel module (LKM) rootkits

Karneades · Dec 2, 2024 · aafb7e9 · aafb7e9
1 parent d7d9f25
commit aafb7e9
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -51,6 +51,7 @@ _Persistence techniques and detection._
 * [Linux Detection Engineering -  A primer on persistence mechanisms](https://www.elastic.co/security-labs/primer-on-persistence-mechanisms) - List of Linux persistence mechanisms.
 * [ebpfkit](https://github.com/Gui774ume/ebpfkit) - Rootkit leveraging eBPF.
 * [TripleCross](https://github.com/h3xduck/TripleCross) - Rootkit leveraging eBPF.
+* [Linux LKM Persistence](https://righteousit.com/2024/11/18/linux-lkm-persistence/) - Rootkit leveraging Linux loadable kernel module (LKM).
 
 ### macOS
 
@@ -110,6 +111,7 @@ _Tools for testing detections. Use the techniques described in [Persistence Tech
 ### Linux
 
 * [PANIX](https://github.com/Aegrah/PANIX) - A highly customizable Linux persistence tool. Perform various persistence techniques against Linux systems, among others Debian and RHEL.
+* [Diamorphine](https://github.com/m0nad/Diamorphine) -  A loadable kernel module (LKM) rootkit for Linux Kernels (x86/x86_64 and ARM64).
 
 ### macOS