ebpfkit is a rootkit powered by eBPF
☆840Feb 28, 2023Updated 3 years ago
Alternatives and similar repositories for ebpfkit
Users that are interested in ebpfkit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆685Jul 7, 2024Updated last year
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆141Feb 28, 2023Updated 3 years ago
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,951Apr 7, 2024Updated last year
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.☆1,665Oct 19, 2023Updated 2 years ago
- A Linux Host-based Intrusion Detection System based on eBPF.☆458Dec 20, 2023Updated 2 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Linux Kernel Runtime Integrity with eBPF☆184Nov 23, 2023Updated 2 years ago
- Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and ser…☆2,609Mar 9, 2026Updated 2 weeks ago
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)☆305Nov 30, 2024Updated last year
- Collection of Linux eBPF slides/documents.☆982Nov 15, 2023Updated 2 years ago
- a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数,避开基于execve系统调用监控的命令日志☆245May 8, 2019Updated 6 years ago
- CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation☆579Jun 7, 2022Updated 3 years ago
- LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)☆2,277Mar 10, 2026Updated 2 weeks ago
- awesome-linux-rootkits☆2,041Feb 15, 2026Updated last month
- Linux EDR written in Golang and based on eBPF.☆244May 24, 2022Updated 3 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- ☆28Nov 24, 2021Updated 4 years ago
- A golang ebpf libary based on cilium/ebpf and datadog/ebpf.☆348May 18, 2025Updated 10 months ago
- Scaffolding for BPF application development with libbpf and BPF CO-RE☆1,452Feb 27, 2026Updated last month
- ☆85Jan 23, 2022Updated 4 years ago
- Practice Go programming and implement CobaltStrike's Beacon in Go☆1,263Oct 2, 2020Updated 5 years ago
- ebpf WebShell/内核马,一种新型内核马/WebShell技术☆353Jan 8, 2024Updated 2 years ago
- Credentials Dumper for Linux using eBPF☆1,157Sep 9, 2024Updated last year
- bpflock - eBPF driven security for locking and auditing Linux machines☆151Feb 16, 2022Updated 4 years ago
- Automated upstream mirror for libbpf stand-alone build.☆2,656Mar 16, 2026Updated last week
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Linux Kernel Hacking☆751Apr 10, 2024Updated last year
- 📦 Make security testing of K8s, Docker, and Containerd easier.☆4,587Feb 23, 2026Updated last month
- Self‑healing Gossip Mesh C2 with Assisted Peer Discovery, Modular Post‑Exploitation, and OPSEC‑Focused Transport☆1,694Updated this week
- Converts PE into a shellcode☆2,751Aug 30, 2025Updated 6 months ago
- SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature…☆1,264Aug 27, 2023Updated 2 years ago
- ETrace is a syscall tracing utility powered by eBPF☆26Feb 26, 2023Updated 3 years ago
- Adversary Emulation Framework☆10,877Updated this week
- Red-Team LKM☆636Dec 16, 2025Updated 3 months ago
- k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.☆301Aug 30, 2021Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- 检测绝大部分所谓的内存免杀马☆734Sep 15, 2022Updated 3 years ago
- /root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook.☆352Feb 5, 2023Updated 3 years ago
- A curated list of awesome projects related to eBPF.☆4,954Mar 11, 2026Updated 2 weeks ago
- eBPF library for Go. Powered by libbpf.☆839Jan 23, 2026Updated 2 months ago
- 恶意代码逃逸源代码 http://payloads.online☆758Mar 7, 2022Updated 4 years ago
- [WIP] 整理过去我和K8s、容器、虚拟化相关的分享 🧐☆3,153Nov 6, 2025Updated 4 months ago
- WebSocket 内存马/Webshell,一种新型内存马/WebShell技术☆1,493Apr 10, 2023Updated 2 years ago