Aviral2642 / kernelghost
KernelGhost is a next-generation offensive security framework that combines stealthy eBPF-based rootkit capabilities with advanced hypervisor escape techniques. It enables persistent cross-VM access, stealth process hiding, UEFI firmware backdoors, and more, all while evading modern detection systems.
☆18 Updated 10 months ago
Alternatives and similar repositories for kernelghost
Users that are interested in kernelghost are comparing it to the libraries listed below
- ☆63 Updated 2 years ago
- ☆86 Updated last month
- Threat Modeling (based on STRIDE approach) for Kubernetes systems. ☆25 Updated last year
- Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti… ☆58 Updated last year
- Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG App… ☆71 Updated 9 months ago
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes ☆74 Updated 9 months ago
- Simple root privilege escalation detection using eBPF 🐝 ☆35 Updated 4 months ago
- Demo repository for running eBPF in GitHub Actions ☆23 Updated 10 months ago
- ☆90 Updated 2 months ago
- Publications from the eBPF foundation ☆28 Updated 2 months ago
- A toy containers aware firewall built in Rust ☆23 Updated 3 years ago
- AxoSyslog - the scalable security data processor ☆102 Updated this week
- Jibril: A performant and low impact Linux runtime security tool agent. ☆14 Updated 8 months ago
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities ☆104 Updated last year
- Simple ethernet interface traffic monitor and reporting tool ☆90 Updated 2 months ago
- DevGuard Backend - Secure your Software Supply Chain - Attestation-based compliance as Code, manage your CVEs seamlessly, Integrate your … ☆107 Updated this week
- ☆28 Updated 8 months ago
- Pwning IPv6 Networks ☆37 Updated last month
- AppArmor and Seccomp profiles for Docker images ☆14 Updated last month
- Leaky Vessels Dynamic Detector ☆103 Updated 9 months ago
- Spotter is a comprehensive Kubernetes security scanner that uses CEL-based rules to identify security vulnerabilities, misconfigurations,… ☆70 Updated 4 months ago
- Deep Linux runtime visibility meets Wireshark ☆302 Updated 2 months ago
- ☆93 Updated 3 months ago
- Pentester-focused Docker registry tool to enumerate and pull images ☆36 Updated 3 months ago
- Make your programs stealthier 🐝 ☆201 Updated 7 months ago
- VulsRepo is visualized based on the json report output in vuls. ☆36 Updated 4 years ago
- [Edgeshark] Virtual communication discovery in container hosts ☆34 Updated 3 months ago
- Static detection tool for runc and Docker "Leaky Vessels" vulnerabilities ☆96 Updated 5 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters. ☆111 Updated last year
- Containerlab topologies for routing software interoperability tests. ☆18 Updated 2 months ago