LSE toolsLSE toolsAzazel (176)Azazel (176)

Tool and Usage

Azazel is a Linux rootkit that uses the LD_PRELOAD technique to intercept system calls. Rootkits are a type of malicious software (malware).

Why this tool?

Tools like rootkits are often used by attackers to conceal their presence. Rootkits are a good source to understand malware and help with improving analysis skills. This rootkit focuses on anti-debugging and anti-detection. The availability of the source can be very helpful to understand the related risks.

How it works

Azazel is a userland rootkit that uses a library loading technique (LD_PRELOAD). Via this technique, it can intercept system calls and remain hidden.

Usage and audience

This tool is categorized as a Linux rootkit.

Azazel is commonly used for malware analysis. Target users for this tool are security professionals.

Tool review

The review and analysis of this project resulted in the following remarks for this security tool:


  • + The source code of this software is available
This tool page was recently updated. Found an improvement? Become an influencer and submit an update.
Project details
Latest releaseNo release found
Last updatedSept. 17, 2017

Project health

This score is calculated by different factors, like project age, last release date, etc.


GitHub iconGitHub project
Twitter icon@ChokePointStaff

Related terms