Gui774ume / ebpfkitLinks
ebpfkit is a rootkit powered by eBPF
☆804Updated 2 years ago
Alternatives and similar repositories for ebpfkit
Users that are interested in ebpfkit are comparing it to the libraries listed below
Sorting:
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆631Updated last year
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,881Updated last year
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆133Updated 2 years ago
- Linux Kernel Runtime Integrity with eBPF☆180Updated last year
- An eBPF playground☆206Updated last year
- Linux Kernel Hacking☆725Updated last year
- A Linux Host-based Intrusion Detection System based on eBPF.☆442Updated last year
- BTFhub, in collaboration with the BTFhub Archive repository, supplies BTF files for all published kernels that lack native support for em…☆446Updated last week
- libsinsp, libscap, the kernel module driver, and the eBPF driver sources☆280Updated this week
- bpflock - eBPF driven security for locking and auditing Linux machines☆149Updated 3 years ago
- ☆456Updated last month
- ☆304Updated 2 years ago
- Red-Team Linux kernel rootkit☆526Updated this week
- The BTFhub Archive repository provides BTF files for those published kernels that lack native support for embedded BTF, thereby enhancing…☆120Updated last week
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)☆296Updated 8 months ago
- Dectect syscall hooking using eBPF☆159Updated 2 years ago
- Linux Kernel hooking engine (x86)☆351Updated 7 months ago
- Scaffolding for BPF application development with libbpf and BPF CO-RE☆1,313Updated last month
- CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation☆570Updated 3 years ago
- Get live information about applications that make network requests (based on eBPF)☆51Updated 6 months ago
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF☆163Updated 10 months ago
- A file system events notifier based on eBPF☆71Updated 2 years ago
- Credentials Dumper for Linux using eBPF☆1,147Updated 10 months ago
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.☆1,628Updated last year
- Trace deep kernel events through eBPF and lsm hooks☆37Updated 4 years ago
- eBPF library for Go. Powered by libbpf.☆809Updated last week
- Using ftrace for function hooking in Linux kernel☆277Updated 4 years ago
- An eBPF program debugger☆210Updated 3 years ago
- Linux EDR written in Golang and based on eBPF.☆242Updated 3 years ago
- monitor and protect SSH sessions with eBPF☆70Updated 4 years ago