Aviral2642 / kernelghostLinks
KernelGhost is a next-generation offensive security framework that combines stealthy eBPF-based rootkit capabilities with advanced hypervisor escape techniques. It enables persistent cross-VM access, stealth process hiding, UEFI firmware backdoors, and more all while evading modern detection systems.
☆16Updated 6 months ago
Alternatives and similar repositories for kernelghost
Users that are interested in kernelghost are comparing it to the libraries listed below
Sorting:
- ☆63Updated 2 years ago
- ☆84Updated last week
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes☆73Updated 6 months ago
- Threat Modeling (based on STRIDE approach) for Kubernetes systems.☆25Updated last year
- Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti…☆57Updated 10 months ago
- ☆89Updated last year
- ☆27Updated 5 months ago
- Publications from the eBPF foundation☆28Updated 2 months ago
- Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG App…☆68Updated 6 months ago
- Demo repository for running eBPF in GitHub Actions☆22Updated 7 months ago
- A toy containers aware firewall built in Rust☆23Updated 2 years ago
- Simple ethernet interface traffic monitor and reporting tool☆89Updated 2 weeks ago
- Simple root privilege escalation detection using eBPF 🐝☆34Updated 3 weeks ago
- An eBPF-based traffic obfuscation system that try to disguises WireGuard protocol traffic to bypass DPI and government censorship☆26Updated last week
- Leaky Vessels Dynamic Detector☆103Updated 6 months ago
- Post-Quantum Cryptography Scanner - Scan SSH/TLS servers for PQC support☆90Updated 2 weeks ago
- Jibril: A performant and low impact Linux runtime security tool agent.☆13Updated 5 months ago
- Service that scans your Infrastructure as Code for common vulnerabilities☆49Updated last year
- Signing-key abuse and update exploitation framework☆130Updated 5 months ago
- This tool have the power to hide any PID/directory in the Linux kernel☆29Updated last year
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities☆102Updated last year
- A repository to store Rad Fingerprinting data.☆24Updated last year
- Spotter is a comprehensive Kubernetes security scanner that uses CEL-based rules to identify security vulnerabilities, misconfigurations,…☆56Updated last month
- Kubernetes offensive framework built in eBPF☆39Updated 2 years ago
- SnailLoad Demo Webserver☆37Updated 8 months ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Updated last year
- io_uring based rootkit☆239Updated 6 months ago
- Pentester-focused Docker registry tool to enumerate and pull images☆34Updated last week
- YES3 Scanner: S3 Security Scanner for Access and Ransomware Protection☆96Updated 2 months ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆74Updated 2 years ago