From aafb7e932600911edcad96b69895f77afa636cef Mon Sep 17 00:00:00 2001 From: Andreas Hunkeler Date: Mon, 2 Dec 2024 16:35:58 +0100 Subject: [PATCH] Add links related to loadable kernel module (LKM) rootkits --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 077be2d..16c819c 100644 --- a/README.md +++ b/README.md @@ -51,6 +51,7 @@ _Persistence techniques and detection._ * [Linux Detection Engineering - A primer on persistence mechanisms](https://www.elastic.co/security-labs/primer-on-persistence-mechanisms) - List of Linux persistence mechanisms. * [ebpfkit](https://github.com/Gui774ume/ebpfkit) - Rootkit leveraging eBPF. * [TripleCross](https://github.com/h3xduck/TripleCross) - Rootkit leveraging eBPF. +* [Linux LKM Persistence](https://righteousit.com/2024/11/18/linux-lkm-persistence/) - Rootkit leveraging Linux loadable kernel module (LKM). ### macOS @@ -110,6 +111,7 @@ _Tools for testing detections. Use the techniques described in [Persistence Tech ### Linux * [PANIX](https://github.com/Aegrah/PANIX) - A highly customizable Linux persistence tool. Perform various persistence techniques against Linux systems, among others Debian and RHEL. +* [Diamorphine](https://github.com/m0nad/Diamorphine) - A loadable kernel module (LKM) rootkit for Linux Kernels (x86/x86_64 and ARM64). ### macOS
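Review bot: In the first hunk (`@@ -51,6 +51,7 @@`), the description of the new "Linux LKM Persistence" entry, "Rootkit leveraging Linux loadable kernel module (LKM)", matches the wording of the ebpfkit and TripleCross entries above it, but the link title and its dated righteousit.com URL read as an article on LKM persistence rather than a rootkit project. Suggest a description that says what the reader gets, for example "Persistence via Linux loadable kernel modules (LKM)", which also fixes the singular "loadable kernel module" without an article.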
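Review bot: In the second hunk (`@@ -110,6 +111,7 @@`), Diamorphine is filed under the tools for testing detections, while the rootkit projects ebpfkit and TripleCross sit in the persistence techniques list that the first hunk touches. Either keep rootkit projects in one section or have the description say how this entry is meant to be used for detection testing, as the section intro implies. Also, "Linux Kernels" should be lowercase "kernels" to match the surrounding descriptions.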