Aviral2642 / kernelghostLinks
KernelGhost is a next-generation offensive security framework that combines stealthy eBPF-based rootkit capabilities with advanced hypervisor escape techniques. It enables persistent cross-VM access, stealth process hiding, UEFI firmware backdoors, and more all while evading modern detection systems.
☆18Updated 9 months ago
Alternatives and similar repositories for kernelghost
Users that are interested in kernelghost are comparing it to the libraries listed below
Sorting:
- Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG App…☆70Updated 9 months ago
- Simple ethernet interface traffic monitor and reporting tool☆90Updated last month
- Threat Modeling (based on STRIDE approach) for Kubernetes systems.☆25Updated last year
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes☆74Updated 9 months ago
- ☆86Updated 2 weeks ago
- ☆63Updated 2 years ago
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities☆104Updated last year
- Simple root privilege escalation detection using eBPF 🐝☆35Updated 3 months ago
- Jibril: A performant and low impact Linux runtime security tool agent.☆14Updated 8 months ago
- Publications from the eBPF foundation☆28Updated last month
- Demo repository for running eBPF in GitHub Actions☆23Updated 9 months ago
- Pwning IPv6 Networks☆37Updated last month
- Leaky Vessels Dynamic Detector☆103Updated 9 months ago
- SnailLoad Demo Webserver☆38Updated 11 months ago
- Spotter is a comprehensive Kubernetes security scanner that uses CEL-based rules to identify security vulnerabilities, misconfigurations,…☆69Updated 4 months ago
- A toy containers aware firewall built in Rust☆23Updated 3 years ago
- AxoSyslog - the scalable security data processor☆102Updated this week
- ☆93Updated 2 months ago
- ☆90Updated last month
- io_uring based rootkit☆248Updated 9 months ago
- Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti…☆58Updated last year
- YES3 Scanner: S3 Security Scanner for Access and Ransomware Protection☆101Updated 2 weeks ago
- Post-Quantum Cryptography Scanner - Scan SSH/TLS servers for PQC support☆107Updated 2 months ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Updated last year
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆110Updated last year
- Identify servers running various SSL VPNs based on protocol-specific behaviors☆88Updated last year
- DevGuard Backend - Secure your Software Supply Chain - Attestation-based compliance as Code, manage your CVEs seamlessly, Integrate your …☆102Updated last week
- Service that scans your Infrastructure as Code for common vulnerabilities☆49Updated 2 years ago
- Static detection tool for runc and Docker "Leaky Vessels" vulnerabilities☆97Updated 4 months ago
- Containerlab topologies for routing software interoperability tests.☆18Updated last month