Acceis / eBPF-hide-PIDLinks
This tool have the power to hide any PID/directory in the Linux kernel
☆29Updated last year
Alternatives and similar repositories for eBPF-hide-PID
Users that are interested in eBPF-hide-PID are comparing it to the libraries listed below
Sorting:
- Rust Linux Kernel Module designed for LKM rootkit detection☆52Updated 7 months ago
- kubernetes rootkit☆35Updated last year
- Open Source eBPF Malware Analysis Framework☆52Updated 11 months ago
- ☆89Updated last year
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF☆166Updated last year
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆128Updated 4 months ago
- WallEscape vulnerability in util-linux☆52Updated last year
- eBPF hacks☆187Updated 10 months ago
- An eBPF detection program for CVE-2022-0847☆28Updated 3 years ago
- A simple Meterpreter stager written in Rust.☆41Updated 2 weeks ago
- Use eBPF to inject chaos into local processes☆65Updated last year
- Userland exec PoC to be used as attack vector technique☆92Updated last month
- nysm is a stealth post-exploitation container.☆261Updated 3 months ago
- PoC and Detection for CVE-2024-21626☆75Updated last year
- ☆64Updated 2 years ago
- A collection of projects demonstrating various commandline cloaking techniques on Linux☆59Updated 3 years ago
- Attacking the cleanup_module function of a kernel module☆46Updated 3 months ago
- Dump Linux keyrings☆20Updated last year
- ☆31Updated 2 years ago
- Monarch - The Adversary Emulation Toolkit☆63Updated 9 months ago
- A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs☆92Updated last month
- KeyTrap (DNSSEC)☆43Updated last year
- Kubernetes offensive framework built in eBPF☆39Updated 2 years ago
- ☆74Updated 11 months ago
- Disable SSL certificate verification for all binaries that use libssl☆48Updated 3 years ago
- Make your programs stealthier🐝☆188Updated 4 months ago
- io_uring based rootkit☆238Updated 5 months ago
- Mara is a userland pty/tty sniffer☆53Updated last year
- Post-exploit a compromised etcd, gain persistence and remote shell to nodes.☆85Updated last year
- BYOVD hunter to help prioritize windows drivers worth manual analysis☆37Updated last month