Bleeping Computer

LKRG: Linux to Get a Loadable Kernel Module for Runtime Integrity Checking

Members of the open source community are working on a new security-focused project for the Linux kernel. Named Linux Kernel Runtime Guard (LKRG), this is a loadable kernel module that will perform ...
GitHub

hw4n1/Linux-Kernel-Loadable-Module-LKM-Rootkit

This repository hosts a highly technical Proof-of-Concept (PoC) for an Advanced Linux Loadable Kernel Module (LKM) Rootkit, developed in C. Its primary goal is to simulate sophisticated persistence ...
Network World

Kernel space: should security modules be dynamically loadable?

Security modules watch the rest of the Linux system for intruders, but if they’re dynamically loadable, qui custodiet ipsos custodes? The ever-contentious Linux Security Modules (LSM) API is being ...
Linux Journal

Loadable Kernel Module Exploits

Many useful computer security tool ideas have a common genesis: the cracker world. Tools, like port scanners and password crackers, originally designed to aid black-hats in their attempts to ...
GitHub

jinjucat/Loadable-kernel-module-keylogger

This project uses DNS exfiltration to send keystrokes (encoded in Base64) within the DNS query name field, using Loadable Kernel Modules (LKMs). Keys typed are captured. The captured characters are ...
Linux Journal

Using the Kernel Security Module Interface

At the 2001 Linux Kernel Summit, NSA developers presented their work on Security-Enhanced Linux (SELinux) and emphasized the need for enhanced security support in the main Linux kernel. In the ensuing ...
IEEE

VMPL-KMI: Protecting Kernel Module Integrity within Confidential VMs

Abstract: Confidential Virtual Machines (CVMs), such as AMD SEV, offer external protection but lack a privilege hierarchy, making them vulnerable to susceptible loadable kernel modules (LKMs).