Tool and Usage
Diamorphine is a so-called LKM rootkit for Linux. It runs on different kernels in the 2.6, 3.x, and 4.x branch.
Why this tool?
Rootkits are typically considered to be malware, or malicious software. With the intent to hide, this type of software is often used after a breach. Learning about how it works can be useful for security researchers and security professionals.
How it works
This rootkit is using the Linux functionality of loadable kernel modules (LKM). It can be loaded with insmod or modprobe, after which is will start doing its nefarious job.
Usage and audience
Diamorphine is commonly used during learning. Target users for this tool are security professionals.
- + The source code of this software is available
Author and Maintainers
Diamorphine is under development by Victor Ramos Mello.