    EpiRootkit

    Overview of the EpiRootkit kernel module and its interaction with the C2 server.

    Deployment

    Connection & Authentication

    How EpiRootkit connects and authenticates with the C2 server.

    Features

    Command Execution

    How EpiRootkit receives and processes commands from the C2 server.

    Configuration Justifications

    Justification for Ubuntu 20.04 LTS / Linux 5.4.x

    Security Interaction with C2

    Security protocols EpiRootkit must follow when interacting with the C2 server.


    © 2025 Tux Fan Club. Built with Lotus Docs