TMP.0UT stands on the shoulders of giants, and we lend a hand for the next generation of giants to stand on ours.

This repo contains an appendix of resources and links to our own work and the work of others.

If you see your work cited here and would like us to credit in a more specific way, please let us know!

We're in the process of categorizing our links, but here are some additional resources that we would recommend:

http://web.archive.org/web/20190707132426/http://blog.mdsec.co.uk/2015/05/my-lulzy-pwniez-abusing-kernel-elf.html https://web.archive.org/web/20210419083854/https://github.com/eliben/pyelftools/blob/master/elftools/elf/elffile.py https://web.archive.org/web/20210126220816/http://fluxius.handgrep.se/2011/10/20/the-art-of-elf-analysises-and-exploitations/ https://web.archive.org/web/20210330083236/https://man7.org/linux/man-pages/man5/elf.5.html https://web.archive.org/web/20201127212058/https://github.com/jtRIPper/parasite https://web.archive.org/web/20201222145218/https://nnc3.com/mags/LJ_1994-2014/LJ/213/11185.html https://web.archive.org/web/20210320081458/https://www.youtube.com/watch?v=VLmrsfSE-tA https://web.archive.org/web/20201206045654/https://github.com/NickStephens/elfit https://web.archive.org/web/20210419085111/https://compilepeace.medium.com/malware-engineering-part-0x1-that-magical-elf-5be3556ecb2b http://web.archive.org/web/20210414055016/https://remnux.org/ http://web.archive.org/web/20200804104928/https://twitter.com/s01den/status/1290600208582299648 https://web.archive.org/web/20210320134317/https://nvd.nist.gov/vuln/detail/CVE-2020-16269 http://web.archive.org/web/20210415105836/https://www.muppetlabs.com/~breadbox/software/elfkickers.html http://web.archive.org/web/20210408041624/https://linux-audit.com/elf-binaries-on-linux-understanding-and-analysis/ http://web.archive.org/web/20210419090950/https://www.intezer.com/blog/malware-analysis/elf-malware-analysis-101-initial-analysis/ http://web.archive.org/web/20210419092109/https://blogs.oracle.com/solaris/how-to-strip-an-elf-object-without-fully-understanding-it-v2 https://web.archive.org/web/20210125064407/http://www.goldsborough.me/c/low-level/kernel/2016/08/29/16-48-53-the_-ld_preload-_trick/ https://web.archive.org/web/20210227013457/https://www.kernel.org/doc/Documentation/trace/ftrace.txt http://web.archive.org/web/20210127022339/https://github.com/torvalds/linux/blob/master/fs/binfmt_elf.c https://web.archive.org/web/20191029141000/http://repository.root-me.org/Virologie/EN%20-%20Linux%20viruses%20%E2%80%93%20ELF%20file%20format.pdf https://web.archive.org/web/20210419092346/https://github.com/xcellerator/linux_kernel_hacking/tree/master/3_RootkitTechniques https://web.archive.org/web/20210211234312/http://virus.enemy.org/virus-writing-HOWTO/_html/ https://web.archive.org/web/20200915075531/http://www.phrack.org/issues/56/7.html https://web.archive.org/web/20190518052046/http://www.wiw.org/~meta/vlad.php?read=ARTICLE.2_4&issue=7&desc=STAOG%20Linux%20Virus https://web.archive.org/web/20201105010652/https://github.com/xcellerator/linux_kernel_hacking/tree/master/3_RootkitTechniques/3.3_set_root https://web.archive.org/web/20201030055654/https://github.com/geekaaron/elf64-hijack https://web.archive.org/web/20210121204148/https://blog.fbkcs.ru/elf-in-memory-execution/ https://web.archive.org/web/20160408084706/http://vxheaven.org/lib/vhe02.html https://web.archive.org/web/20160408084703/http://vxheaven.org/lib/vhe06.html https://web.archive.org/web/20210417182906/https://github.com/iovisor/bcc/blob/master/docs/reference_guide.md https://web.archive.org/web/20210412134058/https://justine.lol/ape.html https://web.archive.org/web/20210419093111/https://github.com/xcellerator/linux_kernel_hacking/blob/master/3_RootkitTechniques/3.0_hiding_lkm/rootkit.c https://web.archive.org/web/20201208092652/http://phrack.org/issues/55/7.html https://web.archive.org/web/20210203011427/https://h0mbre.github.io/Learn-C-By-Creating-A-Rootkit/ https://web.archive.org/web/20210225122439/https://llvm.org/docs/WritingAnLLVMPass.html https://web.archive.org/web/20150321153211/http://vxheaven.org/lib/vrn00.html https://web.archive.org/web/20210417071058/https://github.com/marin-m/vmlinux-to-elf/ https://web.archive.org/web/20210419093453/https://www.intezer.com/blog/malware-analysis/executable-linkable-format-101-part-2-symbols/ https://web.archive.org/web/20210116105331/https://www.intezer.com/blog/research/executable-linkable-format-101-part1-sections-segments/ https://web.archive.org/web/20210116214455/https://opensource.com/article/21/1/gnu-project-debugger https://web.archive.org/web/20210415231611/https://www.rfxn.com/projects/linux-malware-detect/ https://web.archive.org/web/20210121065010/https://jm33.me/emp3r0r-process-injection-and-persistence.html https://web.archive.org/web/20210419093656/https://raw.githubusercontent.com/mozilla/positron/master/build/unix/elfhack/elfhack.cpp https://web.archive.org/web/20210414063022/https://www.sad0p-re.org/ https://web.archive.org/web/20210419093724/https://www.drkns.net/kernel-who-does-magic/ https://web.archive.org/web/20210414205810/https://github.com/xoreaxeaxeax/sandsifter https://web.archive.org/web/20210419093929/https://github.com/sad0p/go-readelf https://web.archive.org/web/20210203085055/https://lkmidas.github.io/posts/20210123-linux-kernel-pwn-part-1/ https://web.archive.org/web/20210201154456/https://lkmidas.github.io/posts/20210128-linux-kernel-pwn-part-2/ https://web.archive.org/web/20210123081132/http://phobosys.de/blog_january_21.html https://web.archive.org/web/20210419094325/https://vx-underground.org/zines/Codebreakerz/cb1/Codbrk03.txt https://web.archive.org/web/20210419094435/https://vx-underground.org/zines/Codebreakerz/cb1/ https://web.archive.org/web/20210415044357/https://github.com/NixOS/patchelf https://web.archive.org/web/20200914173736/https://github.com/elfmaster/dt_infect https://web.archive.org/web/20210419094619/https://github.com/netspooky/golfclub/tree/master/linux https://web.archive.org/web/20210419094732/https://www.vx-underground.org/archive/VxHeaven/lib/vrn00.html https://web.archive.org/web/20210125085722/https://www.redhat.com/en/blog/hardening-elf-binaries-using-relocation-read-only-relro https://web.archive.org/web/20210419094818/https://android.googlesource.com/platform/external/libunwind/+/262c86e/src/dwarf/ https://web.archive.org/web/20210419095013/https://cobalt.googlesource.com/cobalt/+/9fd106630afcfc799d1f7d301e19935ee431681e/src/third_party/mozjs-45/build/unix/elfhack https://web.archive.org/web/20210419095015/https://github.com/xcellerator/libgolf https://web.archive.org/web/20210419095101/https://github.com/xcellerator/libgolf/blob/main/examples/01_dead_bytes/Makefile https://web.archive.org/web/20210211072957/https://github.com/d3npa/experiments/tree/master/quick_elf_patching_in_rust https://web.archive.org/web/20201112024845/https://github.com/cranklin/cranky-data-virus https://web.archive.org/web/20210406110829/https://cranklin.wordpress.com/2016/12/26/how-to-create-a-virus-using-the-assembly-language/ https://web.archive.org/web/20210419095151/https://gajastechnologies.blogspot.com/2016/12/how-to-create-virus-using-assembly.html https://web.archive.org/web/20210320081456/https://netspooky.medium.com/elf-binary-mangling-part-1-concepts-e00cb1352301 https://web.archive.org/web/20201129104217/https://n0.lol/bggp/writeup.html https://web.archive.org/web/20181129103221/http://bitlackeys.org/papers/secure_code_partitioning_2018.txt https://web.archive.org/web/20210320081500/https://netspooky.medium.com/elf-binary-mangling-part-3-weaponization-6e11971108b3 https://web.archive.org/web/20210419095631/https://packetstormsecurity.com/files/12327/elf-pv.txt.html https://web.archive.org/web/20201114070413/https://www.usenix.org/system/files/conference/woot13/woot13-shapiro.pdf https://archive.org/details/dc-20-programming-weird-machines-with-elf https://archive.org/details/the-bits-between-the-bits-how-we-get-to-main-matt-godbolt https://web.archive.org/web/20210419095902/https://vx-underground.org/papers/VXUG/Mirrors/Injection/linux/blog.gdssecurity.com-Linux%20based%20inter-process%20code%20injection%20withoutnbspptrace2.pdf https://web.archive.org/web/20210419100014/https://lcamtuf.coredump.cx/soft/ld-expl https://web.archive.org/web/20200812130053/https://blog.rapid7.com/2019/01/03/santas-elfs-running-linux-executables-without-execve/ https://web.archive.org/web/20190823163000/http://hacktracking.blogspot.com/search/label/virus https://web.archive.org/web/20210420203456/https://github.com/cuviper/elfutils/blob/master/src/strip.c https://web.archive.org/web/20201108104907/https://github.com/mewmew/dissection https://web.archive.org/web/20210420203837/https://marc.info/?l=unix-virus https://web.archive.org/web/20201109034243/http://timelessname.com/elfbin/ https://web.archive.org/web/20201124201402/https://************.com/elf-hello-world https://web.archive.org/web/20210420204128/https://www.conradk.com/codebase/2017/05/28/elf-from-scratch/ https://web.archive.org/web/20210420204539/https://www.kitploit.com/2021/01/drow-injects-code-into-elf-executables.html?m=1&s=09 https://web.archive.org/web/20210420204709/https://notes.eatonphil.com/emulating-amd64-starting-with-elf.html?s=09 https://web.archive.org/web/20210125064407/https://www.goldsborough.me/c/low-level/kernel/2016/08/29/16-48-53-the_-ld_preload-_trick/ https://web.archive.org/web/20210126220816/http://fluxius.handgrep.se/2011/10/20/the-art-of-elf-analysises-and-exploitations/ https://web.archive.org/web/20210228204657/https://fasterthanli.me/series/making-our-own-executable-packer/part-1 https://web.archive.org/web/20210204032212/https://redcanary.com/blog/heavens-gate-technique-on-linux/ https://web.archive.org/web/20140726192450/http://www.exploit-db.com/papers/14087/ https://web.archive.org/web/20210420205707/https://github.com/cloudsec/elfpack/blob/master/elfpack.s https://web.archive.org/web/20210420205936/https://mbobrowski.org/research/runtime-process-infection-via-plt-got.html https://web.archive.org/web/20200910190338/https://medium.com/bugbountywriteup/linux-reverse-engineering-ctfs-for-beginners-4cf03ff2cfb4 https://web.archive.org/web/20210413134713/https://kishuagarwal.github.io/life-of-a-binary.html https://web.archive.org/web/20201107193320/https://stffrdhrn.github.io/hardware/embedded/openrisc/2019/11/29/relocs.html https://web.archive.org/web/20200909184658/https://github.com/elfmaster/libelfmaster https://web.archive.org/web/20210420210500/https://github.com/ulexec/Linux.RV/blob/master/rv.asm https://web.archive.org/web/20210411034217/https://www.nytimes.com/2004/02/08/magazine/the-virus-underground.html https://web.archive.org/web/20200915075619/http://www.phrack.org/archives/issues/61/8.txt https://web.archive.org/web/20210417034002/https://wiki.osdev.org/ELF https://web.archive.org/web/20210415124218/http://www.muppetlabs.com/~breadbox/software/tiny/teensy.html https://web.archive.org/web/20210408041624/https://linux-audit.com/elf-binaries-on-linux-understanding-and-analysis/ https://web.archive.org/web/20210121153537/http://papermint-designs.com/dmo-blog/2016-01-pocrypt-a-proof-of-concept-for-dynamically-decrypt-linux-binaries https://web.archive.org/web/20210131151033/https://www.guitmz.com/running-elf-from-memory/ https://web.archive.org/web/20201108170624/https://medium.com/@MrJamesFisher/understanding-the-elf-4bd60daac571 https://web.archive.org/web/20170923084854/https://0x00sec.org/t/elfun-file-injector/410 https://web.archive.org/web/20210420211003/https://github.com/youben11/silvio-text-infect/blob/master/silvio_64.c https://web.archive.org/web/20210106122515/https://magisterquis.github.io/2018/03/31/in-memory-only-elf-execution.html https://web.archive.org/web/20201118151448/https://syscall.sh/ https://web.archive.org/web/20180819154725/http://tms.dicp.de/~alba/virus-writing-HOWTO/_html/index.html https://web.archive.org/web/20210120041554/http://blog.w4kfu.com/ https://web.archive.org/web/20210203085055/https://lkmidas.github.io/posts/20210123-linux-kernel-pwn-part-1/ https://web.archive.org/web/20200917104402/https://github.com/MrCheeze/pokered-self-replicator https://web.archive.org/web/20190412213220/https://www.exploit-db.com/papers?author=8947 https://web.archive.org/web/20201212225245/https://github.com/pallada-92/dna-3d-engine https://web.archive.org/web/20210226022708/https://s01den.github.io/ https://n0.lol/ebm/1.html https://n0.lol/ebm/2.html https://n0.lol/ebm/3.html https://n0.lol/ebm/4.html https://labs.portcullis.co.uk/blog/fixing-the-links-hardening-the-linker/ https://labs.portcullis.co.uk/presentations/breaking-the-links-exploiting-the-linker/ http://www.nth-dimension.org.uk/pub/BTL.pdf https://github.com/0xricksanchez/paper_collection