Alternatives and similar repositories for pangolin

Users that are interested in pangolin are comparing it to the libraries listed below

• z789 / hide_proc
  The demo of hidden process and ko module
  ☆22Updated 3 years ago
• chriskaliX / Hades
  Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)
  ☆305Updated last year
• sourque / louis
  Linux EDR written in Golang and based on eBPF.
  ☆244Updated 3 years ago
• TomAPU / bpfcronescape
  ☆85Updated 4 years ago
• lxraa / v8_exp
  ☆53Updated 3 years ago
• h2-stack / LL-RASP
  Low-level RASP: Protecting Applications Implemented in High-level Programming Languages
  ☆69Updated 3 months ago
• duowen1 / Container-escape-exps
  Container (Docker) escape exploits
  ☆53Updated 4 years ago
• gojue / rootkit-sample
  ☆49Updated 3 years ago
• Vu1nT0tal / IDA-Pro-tips
  IDA Pro每周小技巧
  ☆279Updated 3 years ago
• leveryd / ebpf-app
  ☆25Updated 3 years ago
• wonderkun / crawler
  利用github action定时爬取先知、安全客等的文章进行保存
  ☆67Updated 4 years ago
• chenaotian / CVE-2022-0185
  CVE-2022-0185 POC and Docker and Analysis write up
  ☆38Updated 3 years ago
• driverxdw / Kprobe-hooker
  Use kprobe capture common kernel event and can also use for hids agent（kernel module）
  ☆10Updated 2 years ago
• chenaotian / CVE-2023-0386
  CVE-2023-0386 analysis and Exp
  ☆123Updated 2 years ago
• huoji120 / CobaltStrikeDetected
  40行代码检测到大部分CobaltStrike的shellcode
  ☆293Updated 4 years ago
• veritas501 / CVE-2022-34918
  CVE-2022-34918 netfilter nf_tables 本地提权 POC
  ☆219Updated 3 years ago
• Hackerl / go-probe-ebpf
  Golang eBPF RASP
  ☆10Updated 2 years ago
• QAX-A-Team / ptrace
  a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数，避开基于execve系统调用监控的命令日志
  ☆245Updated 6 years ago
• LaPhilosophie / hello-rootkit
  一个基于LKM的Linux内核级rootkit的实现，包含模块隐藏、提权、文件隐藏、进程隐藏、端口隐藏功能
  ☆114Updated last year
• PowerLZY / Bold-Falcon
  毕方智能云沙箱(Bold-Falcon)是一个开源的自动化恶意软件分析系统;
  ☆157Updated 2 years ago
• h4ckm310n / Container-Vulnerability-Exploit
  容器安全漏洞的分析与复现
  ☆160Updated last year
• TomAPU / WAF-rules
  ☆22Updated 6 years ago
• bytedance / Elkeid-HUB
  Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the comm…
  ☆103Updated 2 years ago
• ycdxsb / Windows_Security_Resources
  Windows Security Resources
  ☆74Updated 4 years ago
• wINfOG / My_Reverse_Book
  愿我的努力与付出，能成为你向上攀登的基石。要是10年前有人告诉我这些就好了。
  ☆250Updated 6 months ago
• Ramos-dev / graph4code
  超硬核！使用图数据技术发现软件漏洞
  ☆185Updated 4 years ago
• bb33bb / CVE-2022-2639-PipeVersion
  CVE-2022-2639 Linux kernel openvswitch local privilege escalation
  ☆111Updated 3 years ago
• The-Itach1 / Audit
  使用idapython写的一个辅助二进制固件漏洞挖掘的代码审计脚本
  ☆47Updated 3 years ago
• ODDFuzz / ODDFuzz
  S&P2023 Paper
  ☆39Updated 3 years ago
• tr3ee / CVE-2021-4204
  CVE-2021-4204: Linux Kernel eBPF Local Privilege Escalation
  ☆62Updated 3 years ago