Gui774ume / ebpfkit-monitor
ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
☆140 Feb 28, 2023 Updated 2 years ago
Alternatives and similar repositories for ebpfkit-monitor
Users that are interested in ebpfkit-monitor are comparing it to the libraries listed below
- ebpfkit is a rootkit powered by eBPF ☆831 Feb 28, 2023 Updated 2 years ago
- Linux Kernel Runtime Integrity with eBPF ☆184 Nov 23, 2023 Updated 2 years ago
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29 ☆681 Jul 7, 2024 Updated last year
- CO-RE code for the Netdata eBPF plugin. ☆16 Feb 6, 2026 Updated last week
- Use a Chrome extension to dump browser cookies https://saucer-man.com/information_security/787.html ☆15 Sep 9, 2021 Updated 4 years ago
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin. ☆1,659 Oct 19, 2023 Updated 2 years ago
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities. ☆1,937 Apr 7, 2024 Updated last year
- ☆20 Jun 13, 2022 Updated 3 years ago
- A Linux Host-based Intrusion Detection System based on eBPF. ☆457 Dec 20, 2023 Updated 2 years ago
- ☆22 Jul 24, 2025 Updated 6 months ago
- ☆12 Sep 26, 2025 Updated 4 months ago
- CVE-2022-3910 ☆12 Mar 14, 2023 Updated 2 years ago
- vArmor-ebpf is a specialized project dedicated to maintaining the BPF code utilized by vArmor. ☆41 Jan 26, 2026 Updated 3 weeks ago
- Collection of Linux eBPF slides/documents. ☆978 Nov 15, 2023 Updated 2 years ago
- This repository is used to analyze the shared resources of different containers ☆30 Oct 22, 2024 Updated last year
- A process level network security monitoring and enforcement project for Kubernetes, using eBPF ☆44 Jun 16, 2020 Updated 5 years ago
- Container (Docker) escape exploits ☆53 Dec 15, 2021 Updated 4 years ago
- k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters. ☆301 Aug 30, 2021 Updated 4 years ago
- Deterministic record and replay and tracing of syzkaller bug reproducers ☆20 Apr 25, 2025 Updated 9 months ago
- steal Windows Telegram Desktop session ☆15 Sep 8, 2020 Updated 5 years ago
- Red Canary's eBPF Sensor ☆113 Jun 10, 2025 Updated 8 months ago
- CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation ☆578 Jun 7, 2022 Updated 3 years ago
- Cobalt Strike teamserver detection. ☆16 Apr 26, 2021 Updated 4 years ago
- burpplugin: based on a legendary forum post, implements a Burp plugin version of Xiaodao (小刀) that generates a shell with one click ☆14 Jul 15, 2019 Updated 6 years ago
- ☆17 Aug 25, 2022 Updated 3 years ago
- Hades is a Host-Based Intrusion Detection System based on eBPF (mainly) ☆305 Nov 30, 2024 Updated last year
- payloads ☆15 Mar 17, 2021 Updated 4 years ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols. ☆23 Aug 30, 2024 Updated last year
- A simple anti-rootkit Linux kernel module for an 'Operating Systems Security' course. ☆16 May 21, 2021 Updated 4 years ago
- 🔎 crx-scouter.js can detect which Chrome extensions we are using quietly. ☆147 Oct 6, 2023 Updated 2 years ago
- Linux Runtime Security and Forensics using eBPF ☆4,362 Feb 9, 2026 Updated last week
- A file system events notifier based on eBPF ☆73 Dec 5, 2025 Updated 2 months ago
- Logging library for kernel drivers written for the Windows NT operating system. ☆21 Oct 17, 2025 Updated 4 months ago
- Kubernetes offensive framework built in eBPF ☆39 Mar 14, 2023 Updated 2 years ago
- ☆103 Mar 8, 2022 Updated 3 years ago
- nysm is a stealth post-exploitation container. ☆266 Jun 19, 2025 Updated 7 months ago
- Detect burp ☆33 Jun 7, 2021 Updated 4 years ago
- Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and ser… ☆2,558 Feb 10, 2026 Updated last week
- awesome resources about cloud native security 🐿 ☆323 Nov 4, 2023 Updated 2 years ago