Vali-Cyber / ebpf-attacksLinks
A collection of bypasses and exploits for eBPF-based cloud security.
☆22Updated last year
Alternatives and similar repositories for ebpf-attacks
Users that are interested in ebpf-attacks are comparing it to the libraries listed below
Sorting:
- ☆88Updated 10 months ago
- Trace deep kernel events through eBPF and lsm hooks☆36Updated 4 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆147Updated 3 years ago
- Publications from the eBPF foundation☆23Updated 6 months ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆131Updated 2 years ago
- Linux Kernel Runtime Integrity with eBPF☆177Updated last year
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF☆158Updated 8 months ago
- POC for Phantom Attack☆83Updated 2 years ago
- This tool have the power to hide any PID/directory in the Linux kernel☆27Updated 8 months ago
- 🐝 Ransomware Detection using Machine Learning with eBPF for Linux.☆63Updated 6 months ago
- Open Source eBPF Malware Analysis Framework☆48Updated 7 months ago
- An eBPF detection program for CVE-2022-0847☆28Updated 2 years ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆74Updated last year
- Red Canary's eBPF Sensor☆107Updated 2 weeks ago
- eBPF Memory Dump Tool☆70Updated last week
- A process level network security monitoring and enforcement project for Kubernetes, using eBPF☆43Updated 4 years ago
- Example BPF program with LSM hooks☆33Updated 4 years ago
- Rust Linux Kernel Module designed for LKM rootkit detection☆45Updated 2 months ago
- Disable SSL certificate verification for all binaries that use libssl☆49Updated 2 years ago
- Kubernetes offensive framework built in eBPF☆37Updated 2 years ago
- Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security☆16Updated 2 years ago
- monitor and protect SSH sessions with eBPF☆69Updated 3 years ago
- CO-RE code for the Netdata eBPF plugin.☆14Updated last week
- LSM BPF module to block pwnkit (CVE-2021-4034) like exploits☆21Updated 3 years ago
- ☆11Updated 4 months ago
- suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.☆16Updated 3 years ago
- asnfuzzgen - ASN.1 Structure-Aware Fuzzing Compiler☆42Updated 9 months ago
- An eBPF playground☆206Updated last year
- Use eBPF to inject chaos into local processes☆64Updated 8 months ago
- kubernetes rootkit☆31Updated last year