airbus-cert / dirtypipe-ebpf_detectionLinks
An eBPF detection program for CVE-2022-0847
☆28Updated 3 years ago
Alternatives and similar repositories for dirtypipe-ebpf_detection
Users that are interested in dirtypipe-ebpf_detection are comparing it to the libraries listed below
Sorting:
- Sandfly Linux Stealth Rootkit Decloaking Utility☆101Updated 2 years ago
- A collection of projects demonstrating various commandline cloaking techniques on Linux☆58Updated 2 years ago
- ☆89Updated last year
- Dectect syscall hooking using eBPF☆159Updated 2 years ago
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF☆163Updated 10 months ago
- POC for Phantom Attack☆83Updated 2 years ago
- insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.☆50Updated 3 years ago
- Rust Linux Kernel Module designed for LKM rootkit detection☆49Updated 4 months ago
- Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…☆89Updated last year
- Mara is a userland pty/tty sniffer☆53Updated last year
- YARI is an interactive debugger for YARA Language.☆88Updated last month
- Open Source eBPF Malware Analysis Framework☆48Updated 9 months ago
- Red Canary's eBPF Sensor☆108Updated last month
- Cisco ASA Software and ASDM Security Research☆85Updated 2 years ago
- Linux Kernel Runtime Integrity with eBPF☆180Updated last year
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆120Updated 2 months ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆133Updated 2 years ago
- Linux Kernel module-less implant (backdoor)☆74Updated 4 years ago
- ☆31Updated 3 years ago
- bdvl☆114Updated 3 years ago
- Project containing several tools/ scripts to recover the OpenSSH session keys used to encrypt/ decrypt SSH traffic.☆90Updated last year
- Presentations from the CX Security Labs team☆33Updated last week
- Example program using eBPF to log data being based in using shell pipes☆41Updated 4 years ago
- Execute MachO binaries in memory using CGo☆81Updated 4 years ago
- Simple WebSocket fuzzer☆33Updated 2 years ago
- A pcap capture analysis helper☆24Updated last year
- Userland exec PoC to be used as attack vector technique☆85Updated 6 months ago
- This tool have the power to hide any PID/directory in the Linux kernel☆28Updated 10 months ago
- Finds imports that could be exploited, still requires manual analysis.☆27Updated 2 years ago
- ☆63Updated last year