ebpfkit is a rootkit powered by eBPF
☆841 · Feb 28, 2023 · Updated 3 years ago
Alternatives and similar repositories for ebpfkit
Users that are interested in ebpfkit are comparing it to the libraries listed below.
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29 ☆685 · Jul 7, 2024 · Updated last year
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits ☆140 · Feb 28, 2023 · Updated 3 years ago
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities. ☆1,956 · Apr 7, 2024 · Updated 2 years ago
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin. ☆1,660 · Oct 19, 2023 · Updated 2 years ago
- A Linux Host-based Intrusion Detection System based on eBPF. ☆457 · Dec 20, 2023 · Updated 2 years ago
- Linux Kernel Runtime Integrity with eBPF ☆184 · Nov 23, 2023 · Updated 2 years ago
- Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and ser… ☆2,630 · Updated this week
- Hades is a Host-Based Intrusion Detection System based on eBPF (mainly) ☆305 · Nov 30, 2024 · Updated last year
- Collection of Linux eBPF slides/documents. ☆983 · Nov 15, 2023 · Updated 2 years ago
- a PoC for Linux to get around agents that log commands being executed, without root privilege. Obfuscates the executed program name and arguments with low privileges on Linux, evading command logging based on execve system call monitoring ☆245 · May 8, 2019 · Updated 6 years ago
- CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation ☆578 · Jun 7, 2022 · Updated 3 years ago
- LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64) ☆2,288 · Mar 10, 2026 · Updated last month
- awesome-linux-rootkits ☆2,055 · Feb 15, 2026 · Updated 2 months ago
- Linux EDR written in Golang and based on eBPF. ☆246 · May 24, 2022 · Updated 3 years ago
- ☆28 · Nov 24, 2021 · Updated 4 years ago
- A golang ebpf library based on cilium/ebpf and datadog/ebpf. ☆349 · May 18, 2025 · Updated 10 months ago
- Scaffolding for BPF application development with libbpf and BPF CO-RE ☆1,465 · Updated this week
- ☆85 · Jan 23, 2022 · Updated 4 years ago
- Practice Go programming and implement CobaltStrike's Beacon in Go ☆1,264 · Oct 2, 2020 · Updated 5 years ago
- ebpf WebShell/kernel trojan, a new kind of kernel trojan/WebShell technique ☆353 · Jan 8, 2024 · Updated 2 years ago
- Credentials Dumper for Linux using eBPF ☆1,158 · Sep 9, 2024 · Updated last year
- bpflock - eBPF driven security for locking and auditing Linux machines ☆151 · Feb 16, 2022 · Updated 4 years ago
- Automated upstream mirror for libbpf stand-alone build. ☆2,671 · Updated this week
- Linux Kernel Hacking ☆755 · Apr 10, 2024 · Updated 2 years ago
- 📦 Make security testing of K8s, Docker, and Containerd easier. ☆4,622 · Updated this week
- Self‑healing Gossip Mesh C2 with Assisted Peer Discovery, Modular Post‑Exploitation, and OPSEC‑Focused Transport ☆1,700 · Updated this week
- Converts PE into a shellcode ☆2,751 · Aug 30, 2025 · Updated 7 months ago
- SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature… ☆1,268 · Aug 27, 2023 · Updated 2 years ago
- ETrace is a syscall tracing utility powered by eBPF ☆26 · Feb 26, 2023 · Updated 3 years ago
- Adversary Emulation Framework ☆10,986 · Updated this week
- Red-Team LKM ☆633 · Dec 16, 2025 · Updated 4 months ago
- k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters. ☆301 · Aug 30, 2021 · Updated 4 years ago
- Detects the vast majority of so-called AV-evading in-memory trojans ☆733 · Sep 15, 2022 · Updated 3 years ago
- /root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook. ☆352 · Feb 5, 2023 · Updated 3 years ago
- A curated list of awesome projects related to eBPF. ☆4,978 · Apr 1, 2026 · Updated 2 weeks ago
- Malicious code evasion source code http://payloads.online ☆761 · Mar 7, 2022 · Updated 4 years ago
- WebSocket in-memory trojan/Webshell, a new kind of in-memory trojan/WebShell technique ☆1,492 · Apr 10, 2023 · Updated 3 years ago
- [WIP] A compilation of material I have shared in the past on K8s, containers, and virtualization 🧐 ☆3,156 · Nov 6, 2025 · Updated 5 months ago
- Exploit tool implemented using ebpf. ☆212 · Jun 4, 2024 · Updated last year