TL;DR

EpiRootkit is a Linux kernel rootkit developed for Ubuntu 20.04 (kernel 5.4), featuring a Command-and-Control (C2) backend and a web-based user interface.

It was created during my first year of engineering studies under the guidance of Jules Aubert, a goated professor of Advanced Linux Systems at EPITA.

Overview

This documentation site explains how to set up, use, and understand the system.

  • Kernel Module (EpiRootkit): remote command execution, file transfer, authentication, XOR-encrypted C2 traffic, DNS resolution, stealth features (module and file hiding), and persistence.
  • C2 Backend: manages connected clients and command routing.
  • Web UI: graphical interface for monitoring clients and performing actions.

Team: Tux Fan Club 🐧

Captain: Hugo Sibony
Head of Scuttling and Mutiny: Léa Bonet