blob: ca7a730a562c67493decd408e5ad1889959deec7 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
# PID Hiding Kernel Module
**IMPORTANT: EDUCATIONAL PURPOSES ONLY**
This module demonstrates kernel-level process hiding techniques for security research and educational purposes only. Using this code to hide malicious processes is illegal and unethical.
## Disclaimer
This code is provided AS-IS with:
- NO WARRANTY
- NO SUPPORT
- NO RECOMMENDATION FOR DEPLOYMENT
Implementation of kernel-level process hiding may:
- Violate computer fraud laws
- Breach organizational security policies
- Trigger security monitoring alerts
- Cause system instability or kernel panics
## Build Instructions
```bash
# Build the module
make
# Load the module (specify PID to hide)
sudo insmod pid_hider.ko hidden_pid=1234
# Remove the module
sudo rmmod pid_hider
```
## Legal Notice
Use of this code on systems without explicit authorization may constitute a criminal offense under:
- Computer Fraud and Abuse Act (CFAA)
- EU Directive 2013/40/EU
- Various international cybercrime laws
## Legitimate Alternatives
For legitimate process management, consider:
- Linux Control Groups (cgroups)
- Container technologies (Docker, LXC)
- Mandatory Access Control (SELinux, AppArmor)
- Process accounting and auditing tools
|
