Aviral2642 / kernelghostLinks
KernelGhost is a next-generation offensive security framework that combines stealthy eBPF-based rootkit capabilities with advanced hypervisor escape techniques. It enables persistent cross-VM access, stealth process hiding, UEFI firmware backdoors, and more all while evading modern detection systems.
☆18Updated 10 months ago
Alternatives and similar repositories for kernelghost
Users that are interested in kernelghost are comparing it to the libraries listed below
Sorting:
- ☆86Updated 3 weeks ago
- Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG App…☆71Updated 9 months ago
- Threat Modeling (based on STRIDE approach) for Kubernetes systems.☆25Updated last year
- Publications from the eBPF foundation☆28Updated 2 months ago
- Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti…☆58Updated last year
- ☆90Updated 2 months ago
- Simple ethernet interface traffic monitor and reporting tool☆90Updated last month
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes☆74Updated 9 months ago
- Simple root privilege escalation detection using eBPF 🐝☆35Updated 4 months ago
- A toy containers aware firewall built in Rust☆23Updated 3 years ago
- ☆93Updated 3 months ago
- A repository to store Rad Fingerprinting data.☆24Updated last year
- Leaky Vessels Dynamic Detector☆103Updated 9 months ago
- AxoSyslog - the scalable security data processor☆102Updated this week
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities☆104Updated last year
- Deep Linux runtime visibility meets Wireshark☆302Updated 2 months ago
- ☆63Updated 2 years ago
- ☆28Updated 8 months ago
- Demo repository for running eBPF in GitHub Actions☆23Updated 10 months ago
- DevGuard Backend - Secure your Software Supply Chain - Attestation-based compliance as Code, manage your CVEs seamlessly, Integrate your …☆107Updated this week
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆111Updated last year
- Jibril: A performant and low impact Linux runtime security tool agent.☆14Updated 8 months ago
- YES3 Scanner: S3 Security Scanner for Access and Ransomware Protection☆101Updated last month
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Updated last year
- Kubernetes offensive framework built in eBPF☆39Updated 2 years ago
- deep file scanner tool☆41Updated 5 months ago
- eBPF hacks☆195Updated last year
- Evolution process of The Falco Project☆59Updated this week
- AWACS for RBAC. Tool for auditing CRUD permissions in Kubernetes' RBAC.☆47Updated last year
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆75Updated 2 years ago