Azazel is a userland rootkit written in C based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection. Features include log cleaning, pcap subversion, and more.
ec98508fc4cdf0112e94528e07c54147f753faa6a4210d9ea336d8c58a2140de