Session

Developing a Linux Loadable Kernel rootkit from scratch

https://github.com/reveng007/reveng_rtkit

This talk shares what was learned while creating an LKM-based rootkit. The techniques and resources involved will be presented together, to spare others the overhead of hunting across the internet for the concepts and snippets needed when building an LKM-based rootkit, and to make the subject easier and clearer.

The discussion covers how to know which entry point to access; implementing security concepts while developing the right mindset; applying concepts that were already on the market, in a different manner, to create a chance of evading anti-rootkit tools; implementing syscall interception by finding syscall addresses; kernel-mode function hooking; hiding the rootkit deep inside the kernel so that it is hidden from user-mode programs; making the rootkit unremovable; etc.

Soumyanil Biswas

Security Research @FireCompass
