LSE toolsLSE toolsAzazel (261)Azazel (261)

Tool and Usage

Project details
Programming languageC
Latest releaseNo release found

Project health

This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Tools like rootkits are often used by attackers to conceal their presence. Rootkits are a good source to understand malware and help with improving analysis skills. This rootkit focuses on anti-debugging and anti-detection. The availability of the source can be very helpful to understand the related risks.

How it works

Azazel is a userland rootkit that uses a library loading technique (LD_PRELOAD). Via this technique, it can intercept system calls and remain hidden.

Usage and audience

Azazel is commonly used for malware analysis. Target users for this tool are security professionals.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + The source code of this software is available

Azazel alternatives

Similar tools to Azazel:



chkrootkit is a malware scanner to locally check for signs of a rootkit. It is written in shell script and runs on the host system itself.



Diamorphine is a so-called LKM rootkit for Linux. It runs on different kernels in the 2.6, 3.x, and 4.x branch.


Rootkit Hunter

Security tool to search for traces of rootkits, backdoors, and other malicious components on systems running Linux and other flavors of Unix

All Azazel alternatives

Found an improvement? Help the community by submitting an update.

Related tool information


This tool is categorized as a Linux rootkit.

Related terms