Encrypted Linux x86-64 Loadable Kernel Modules (ELKM)

Whitepaper called Encrypted Linux x86-64 Loadable Kernel Modules (ELKM). The aim is to protect kernel-based rootkits and implants against observation by EndpointDetection and Response (EDR) software and to neutralize the effects of recovery by disk forensics tooling.


MD5 | 71edce142a1b2975b9d4d10c1398f3b2


Related Posts