airbus-cert / dirtypipe-ebpf_detectionLinks
An eBPF detection program for CVE-2022-0847
☆28Updated 3 years ago
Alternatives and similar repositories for dirtypipe-ebpf_detection
Users that are interested in dirtypipe-ebpf_detection are comparing it to the libraries listed below
Sorting:
- A collection of projects demonstrating various commandline cloaking techniques on Linux☆59Updated 3 years ago
- Sandfly Linux Stealth Rootkit Decloaking Utility☆103Updated 2 years ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆137Updated 2 years ago
- ☆89Updated last year
- insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.☆50Updated 3 years ago
- Open Source eBPF Malware Analysis Framework☆51Updated 11 months ago
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF☆167Updated last year
- Dectect syscall hooking using eBPF☆162Updated 2 years ago
- POC for Phantom Attack☆83Updated 3 years ago
- Linux Kernel Runtime Integrity with eBPF☆183Updated last year
- Mara is a userland pty/tty sniffer☆54Updated last year
- Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…☆89Updated last year
- This tool have the power to hide any PID/directory in the Linux kernel☆29Updated last year
- ☆31Updated 4 years ago
- Userland exec PoC to be used as attack vector technique☆88Updated 2 weeks ago
- Example program using eBPF to log data being based in using shell pipes☆41Updated 4 years ago
- YARI is an interactive debugger for YARA Language.☆89Updated 3 weeks ago
- Linux BPF plugins for Volatility3☆22Updated last year
- A collection of bypasses and exploits for eBPF-based cloud security.☆25Updated last year
- This is a PoC exploit for CVE-2020-8559 Kubernetes Vulnerability☆54Updated 5 years ago
- Evasive ELF Static PIE User-Land-Exec featured in Tmpout Vol 1.☆28Updated 4 years ago
- Cisco ASA Software and ASDM Security Research☆85Updated 3 years ago
- Execute MachO binaries in memory using CGo☆81Updated 4 years ago
- Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86…☆139Updated 2 years ago
- A pcap capture analysis helper☆25Updated 2 years ago
- bdvl☆114Updated 3 years ago
- ☆26Updated last year
- ☆48Updated 3 years ago
- Finds imports that could be exploited, still requires manual analysis.☆29Updated 2 years ago
- Scapy hands-on☆34Updated last year