LSE toolsLSE toolsAzazel (199)Azazel (199)

Tool and Usage

Project details

Programming language
Latest release
No release found
Latest release date

Project health

This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Tools like rootkits are often used by attackers to conceal their presence. Rootkits are a good source to understand malware and help with improving analysis skills. This rootkit focuses on anti-debugging and anti-detection. The availability of the source can be very helpful to understand the related risks.

How it works

Azazel is a userland rootkit that uses a library loading technique (LD_PRELOAD). Via this technique, it can intercept system calls and remain hidden.

Usage and audience

Azazel is commonly used for malware analysis. Target users for this tool are security professionals.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + The source code of this software is available

Azazel alternatives

Similar tools to Azazel:



Diamorphine is a so-called LKM rootkit for Linux. It runs on different kernels in the 2.6, 3.x, and 4.x branch.


Rootkit Hunter

Security tool to search for traces of rootkits, backdoors, and other malicious components on systems running Linux and other flavors of Unix



chkrootkit is a malware scanner to locally check for signs of a rootkit. It is written in shell script and runs on the host system itself.

All Azazel alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information


This tool is categorized as a Linux rootkit.

Related topics