Aviral2642 / kernelghost
KernelGhost is a next-generation offensive security framework that combines stealthy eBPF-based rootkit capabilities with advanced hypervisor escape techniques. It enables persistent cross-VM access, stealth process hiding, UEFI firmware backdoors, and more all while evading modern detection systems.
☆10Updated 3 weeks ago
Alternatives and similar repositories for kernelghost:
Users that are interested in kernelghost are comparing it to the libraries listed below
- eBPF-Based NFS Telemetry Exporter for Kubernetes☆37Updated 10 months ago
- A toy containers aware firewall built in Rust☆23Updated 2 years ago
- [Edgeshark] Virtual communication discovery in container hosts☆26Updated 5 months ago
- ☆63Updated 2 years ago
- Publications from the eBPF foundation☆23Updated 5 months ago
- eBPF container escape detector prototype | Kernel 6.8+ | Early dev phase | Expect kernel panics ⚠️☆10Updated last month
- TC, XDP, KProbe and CGroup eBPF based simple Ethernet interface traffic monitor and reporting tool☆96Updated 3 weeks ago
- AWACS for RBAC. Tool for auditing CRUD permissions in Kubernetes' RBAC.☆46Updated 11 months ago
- DevGuard Backend - Secure your Software Supply Chain - Attestation-based compliance as Code, manage your CVEs seamlessly, Integrate your …☆66Updated last week
- Threat Modeling (based on STRIDE approach) for Kubernetes systems.☆21Updated 6 months ago
- bpfluga is an agentless eBPF observability tool written in Go that deploys, manages, and detaches eBPF programs via SSH for deep kernel i…☆15Updated 3 weeks ago
- A Kustomize generator plugin that reads SOPS encoded files and converts them to Kubernetes Secrets☆10Updated 3 years ago
- ☆19Updated 7 months ago
- ☆29Updated this week
- Kubernetes CNI benchmark 2024-01☆19Updated last year
- Measure UDP and TCP connection latency for IPv4 and IPv6 using eBPF and Go☆60Updated 2 weeks ago
- Kata Containers with MicroK8s☆35Updated 9 months ago
- KubeDNS Shepherd is a Kubernetes controller that manages the DNS configuration of workloads, ensuring efficient and reliable way to confi…☆38Updated last week
- ☆72Updated 3 months ago
- Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG App…☆62Updated 2 weeks ago
- Simple k8s watcher to copy a file into a configmap☆11Updated last year
- K8s-Secret-Expiry-Controller is a Kubernetes operator that manages and tracks the lifespan of Kubernetes secrets.☆14Updated last year
- An EBPF based IPv4/IPv6 firewall with integrations for OpenZiti Zero-Trust Framework edge-routers and tunnellers☆52Updated this week
- K8s API Honeypot with Active Defense Capabilities☆40Updated last year
- in-toto is a framework to secure the software supply chain.☆70Updated 3 months ago
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes☆65Updated last week
- Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti…☆54Updated 4 months ago
- Open Source runtime scanner for Linux containers (LXD / LXC), It performs security audit checks based on CIS Linux containers Benchmark …☆24Updated 8 months ago
- A replacement for "kubectl exec" that works over WebSocket connections.☆38Updated last year
- ☆20Updated 11 months ago