Intrusive Linux

Offensive Security

INLINUX

Scheduled

Cyber Funded Research (CFR)

January 2026 to December 2029

48 months

Zacharia Mansouri, Thibault Debatty

The project will study the different options for injecting malware on a Linux platform, making it persistent, performing privilege escalation, and establishing a command & control channel with the operator of the malware. Based on this initial study, a number of design choices will be made with regard to the malware capability to be developed.

Subsequently, a prototype of a modular malware solution will be developed and tested in a spiral fashion, incrementally adding new features and functionalities. The solution will be validated against different versions of the most relevant Linux distributions and platforms.

Objectives:

  1. Conduct research and development in the field of offensive cyber operations targeting Linux-based systems, with emphasis on custom malware.
  2. Analyse and evaluate existing offensive tools (e.g. eBPF-based rootkits) to extract architectural insights and identify innovation opportunities in order to establish a knowledge base of offensive techniques and toolsets applicable to Linux environments.
  3. Build up CYLAB expertise in the domain of Linux-targeted malware engineering and offensive tooling.