• code Presentation
    • Host Environment Setup
    • VM Installation & Verification
    • Attacker VM Setup
    • Victim VM Setup
    • Host to VM File Transfer
    • Overview
    • Installation
    • Command Reference
    • Usage & Workflows
    • Overview
    • Installation & Setup
      • Authentication
      • Dashboard
      • Client Management
        • Terminal Panel
        • Persistence Panel
        • Event Log Panel
        • Upload/Download Panel
        • Overview Panel
        • Configuration Panel
        • Authentication Panel
    • Configuration Justifications
    • EpiRootkit Overview
    • Build & Deployment
    • Connection & Authentication
      • Command Execution
      • DNS Resolution
      • Encryption
      • Sysfs Interface
      • Module Hiding
      • File Hiding
      • Persistence
      • Line Hiding
      • File Transfer
    • Unwelcome Guests
    • Tux Fan Club: Chasse au Trésor Pirate
  • favorite Un dernier mot
    • GitHub
  • to navigate
  • to select
  • to close
    • Home
    • EpiRootkit
    • Features
    On this page
    star

    Features

    EpiRootkit core functionality and capabilities

    terminal

    Command Execution

    Execute system commands with output capture

    dns

    DNS Resolution

    Kernel-space DNS client for domain-based C2 communication

    lock

    Encryption

    XOR-based communication encryption for C2 traffic

    settings

    Sysfs Interface

    Linux permissions-based feature control

    visibility_off

    Module Hiding

    Hide the rootkit module from lsmod and /proc/modules

    folder_off

    File Hiding

    Hide files and directories from directory listings using syscall interception

    autorenew

    Persistence

    Automatic rootkit loading across reboots

    edit

    Line Hiding

    Hide rootkit lines from file contents using syscall interception

    file_copy

    File Transfer

    Upload and download files between C2 server and infected systems

    © 2025 Tux Fan Club. Built with Lotus Docs