Demonized Shell is an Advanced Tool for persistence in linux.

Demonized Shell is a sophisticated tool designed for achieving persistence in Linux systems. Its advanced features allow for maintaining unauthorized access over extended periods, making it a potent tool for malicious actors seeking to maintain control over compromised systems.


git clone
cd D3m0n1z3dShell
chmod +x
sudo ./

One-Liner Install

Download D3m0n1z3dShell with all files:

curl -L | tar xz && cd D3m0n1z3dShell-main && sudo ./

Load D3m0n1z3dShell statically (without the static-binaries directory):

sudo curl -s -o /tmp/ && sudo bash /tmp/

Demonized Features

  • Auto Generate SSH keypair for all users
  • APT Persistence
  • Crontab Persistence
  • Systemd User level
  • Systemd Root Level
  • Bashrc Persistence
  • Privileged user & SUID bash
  • LKM Rootkit Modified, Bypassing rkhunter & chkrootkit
  • LKM Rootkit With file encoder. persistent icmp backdoor and others features.
  • ICMP Backdoor
  • LD_PRELOAD Setup PrivEsc
  • Static Binaries For Process Monitoring, Dump credentials, Enumeration, Trolling and Others Binaries.

Pending Features

  •  LD_PRELOAD Rootkit
  •  Process Injection
  •  install for example: curl | bash
  •  Static D3m0n1z3dShell
  •  Intercept Syscall Write from a file
  •  ELF/Rootkit Anti-Reversing Technique
  •  PAM Backdoor
  •  rc.local Persistence
  •  init.d Persistence
  •  motd Persistence
  •  Persistence via php webshell.
  •  ACL Persistence.

And other types of features that will come in the future.

Download D3m0n1z3dShell

Next Post Previous Post
No Comment
Add Comment
comment url