Vali-Cyber / ebpf-attacksLinks
A collection of bypasses and exploits for eBPF-based cloud security.
☆23Updated last year
Alternatives and similar repositories for ebpf-attacks
Users that are interested in ebpf-attacks are comparing it to the libraries listed below
Sorting:
- ☆88Updated 11 months ago
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF☆158Updated 9 months ago
- Trace deep kernel events through eBPF and lsm hooks☆37Updated 4 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆147Updated 3 years ago
- Publications from the eBPF foundation☆23Updated 7 months ago
- Example BPF program with LSM hooks☆33Updated 4 years ago
- 🐝 Ransomware Detection using Machine Learning with eBPF for Linux.☆64Updated 6 months ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆132Updated 2 years ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆74Updated last year
- Alcatraz project for Black Hat USA 2021☆78Updated 3 years ago
- Linux Kernel Runtime Integrity with eBPF☆179Updated last year
- POC for Phantom Attack☆83Updated 2 years ago
- Red Canary's eBPF Sensor☆107Updated last week
- Checks for tpm vulnerabilities☆37Updated 2 years ago
- This tool have the power to hide any PID/directory in the Linux kernel☆27Updated 9 months ago
- Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security☆16Updated 2 years ago
- A process level network security monitoring and enforcement project for Kubernetes, using eBPF☆43Updated 5 years ago
- eBPF Memory Dump Tool☆73Updated this week
- Open Source eBPF Malware Analysis Framework☆48Updated 8 months ago
- Userland exec PoC to be used as attack vector technique☆85Updated 4 months ago
- Rust Linux Kernel Module designed for LKM rootkit detection☆48Updated 3 months ago
- ☆23Updated 2 years ago
- Linux based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma☆21Updated last year
- Disable SSL certificate verification for all binaries that use libssl☆49Updated 2 years ago
- A collection of projects demonstrating various commandline cloaking techniques on Linux☆58Updated 2 years ago
- suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.☆16Updated 3 years ago
- Kubernetes offensive framework built in eBPF☆37Updated 2 years ago
- ☆63Updated 2 years ago
- Use eBPF to inject chaos into local processes☆64Updated 9 months ago
- Various utilities useful for developers writing BPF tools☆30Updated 2 years ago