Tool and Usage
Azazel is a Linux rootkit that uses the LD_PRELOAD technique to intercept system calls. Rootkits are a type of malicious software (malware).
Why this tool?
Tools like rootkits are often used by attackers to conceal their presence. Rootkits are a good source to understand malware and help with improving analysis skills. This rootkit focuses on anti-debugging and anti-detection. The availability of the source can be very helpful to understand the related risks.
How it works
Azazel is a userland rootkit that uses a library loading technique (LD_PRELOAD). Via this technique, it can intercept system calls and remain hidden.
Usage and audience
This tool is categorized as a Linux rootkit.
Azazel is commonly used for malware analysis. Target users for this tool are security professionals.
- + The source code of this software is available