ebpfkit is a rootkit powered by eBPF
☆844 Feb 28, 2023 Updated 3 years ago
Alternatives and similar repositories for ebpfkit
Users that are interested in ebpfkit are comparing it to the libraries listed below.
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29 ☆683 Jul 7, 2024 Updated last year
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits ☆141 Feb 28, 2023 Updated 3 years ago
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities. ☆1,960 Apr 7, 2024 Updated 2 years ago
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin. ☆1,668 Oct 19, 2023 Updated 2 years ago
- A Linux Host-based Intrusion Detection System based on eBPF. ☆456 Dec 20, 2023 Updated 2 years ago
- Linux Kernel Runtime Integrity with eBPF ☆186 Nov 23, 2023 Updated 2 years ago
- Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and ser… ☆2,641 May 11, 2026 Updated 2 weeks ago
- Hades is a Host-Based Intrusion Detection System based on eBPF (mainly) ☆304 Updated this week
- Collection of Linux eBPF slides/documents. ☆980 Nov 15, 2023 Updated 2 years ago
- A PoC for Linux to get around agents that log commands being executed, without root privilege. Obfuscates the executed program name and arguments on Linux with low privileges, evading command logs based on execve system call monitoring ☆244 May 8, 2019 Updated 7 years ago
- CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation ☆578 Jun 7, 2022 Updated 3 years ago
- LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64) ☆2,336 Apr 27, 2026 Updated 3 weeks ago
- awesome-linux-rootkits ☆2,065 Feb 15, 2026 Updated 3 months ago
- Linux EDR written in Golang and based on eBPF. ☆248 May 24, 2022 Updated 4 years ago
- ☆27 Nov 24, 2021 Updated 4 years ago
- A golang ebpf library based on cilium/ebpf and datadog/ebpf. ☆351 May 18, 2025 Updated last year
- Scaffolding for BPF application development with libbpf and BPF CO-RE ☆1,484 Apr 9, 2026 Updated last month
- ☆83 Jan 23, 2022 Updated 4 years ago
- Practice Go programming and implement CobaltStrike's Beacon in Go ☆1,267 Oct 2, 2020 Updated 5 years ago
- eBPF WebShell/kernel trojan, a new type of kernel trojan/WebShell technique ☆353 Jan 8, 2024 Updated 2 years ago
- Credentials Dumper for Linux using eBPF ☆1,158 Sep 9, 2024 Updated last year
- bpflock - eBPF driven security for locking and auditing Linux machines ☆153 Feb 16, 2022 Updated 4 years ago
- Automated upstream mirror for libbpf stand-alone build. ☆2,692 Apr 9, 2026 Updated last month
- Linux Kernel Hacking ☆762 Apr 10, 2024 Updated 2 years ago
- 📦 Make security testing of K8s, Docker, and Containerd easier. ☆4,660 May 1, 2026 Updated 3 weeks ago
- Self‑healing Gossip Mesh C2 with Assisted Peer Discovery, Modular Post‑Exploitation, and OPSEC‑Focused Transport ☆1,703 May 2, 2026 Updated 3 weeks ago
- Converts PE into a shellcode ☆2,761 Aug 30, 2025 Updated 8 months ago
- SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature… ☆1,279 Aug 27, 2023 Updated 2 years ago
- ETrace is a syscall tracing utility powered by eBPF ☆26 Feb 26, 2023 Updated 3 years ago
- Adversary Emulation Framework ☆11,254 May 7, 2026 Updated 2 weeks ago
- k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters. ☆301 Aug 30, 2021 Updated 4 years ago
- Red-Team LKM ☆642 May 17, 2026 Updated last week
- Detects the vast majority of so-called AV-evading in-memory trojans ☆733 Sep 15, 2022 Updated 3 years ago
- /root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook. ☆351 Feb 5, 2023 Updated 3 years ago
- A curated list of awesome projects related to eBPF. ☆5,070 May 18, 2026 Updated last week
- Malicious code evasion source code http://payloads.online ☆759 Mar 7, 2022 Updated 4 years ago
- WebSocket in-memory trojan/Webshell, a new type of in-memory trojan/WebShell technique ☆1,493 Apr 10, 2023 Updated 3 years ago
- [WIP] A compilation of material I have shared in the past on K8s, containers and virtualization 🧐 ☆3,158 Nov 6, 2025 Updated 6 months ago
- Exploit tool implemented using ebpf. ☆211 Jun 4, 2024 Updated last year