{"id":3665,"date":"2014-02-14T21:22:35","date_gmt":"2014-02-14T13:22:35","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=3665"},"modified":"2014-02-15T02:23:04","modified_gmt":"2014-02-14T18:23:04","slug":"azazel-userland-anti-debugging-anti-detection-rootkit","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2014\/02\/azazel-userland-anti-debugging-anti-detection-rootkit\/","title":{"rendered":"Azazel – Userland Anti-debugging & Anti-detection Rootkit"},"content":{"rendered":"
Azazel is a userland rootkit written in C, based on the original LD_PRELOAD technique from the Jynx rootkit. It is more robust, has additional features, and focuses heavily on anti-debugging and anti-detection. Features include log cleaning, pcap subversion, and more.<\/p>\n
<\/p>\n
Features<\/strong><\/p>\n As with anything of this nature, it’s recommended you check the source code\/run it in a safe environment, etc. But if I have to emphasise stuff like that, this is probably the wrong site for you.<\/p>\n You can grab Azazel from GitHub here:<\/p>\n\n
\n
git clone https:\/\/github.com\/chokepoint\/azazel.git<\/pre>\n