Detection of rootkit file hiding activities through analysis of shifts in kernel function execution times.
☆29Sep 10, 2025Updated 7 months ago
Alternatives and similar repositories for rootkit-detection-ebpf-time-trace
Users that are interested in rootkit-detection-ebpf-time-trace are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Windows anti-forensics module☆25Apr 20, 2026Updated 2 weeks ago
- Detect strange memory regions and DLLs☆191Jan 20, 2022Updated 4 years ago
- Academic research rootkit using ftrace-hooking to hide files and processes via magic word or user/group. Tested until Linux 6.11.☆47Jun 5, 2025Updated 11 months ago
- Tools for playing w/ CobaltStrike config - extractin, detection, processing, etc...☆28Apr 13, 2023Updated 3 years ago
- linux ebpf backdoor demo☆12Nov 20, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- The omegaUp sandbox☆14Feb 13, 2023Updated 3 years ago
- Multi-agent AI system using GPT-4o, DeepSeek v3, and Llama 3.3 to detect if CVE vulnerabilities were exploited as zero-days. Analyzes…☆20Feb 13, 2026Updated 2 months ago
- Demonstrating how you can take an action to your intrusions detected by Falco using OpenFaaS functions☆26Mar 24, 2021Updated 5 years ago
- This is the repository for the code and artifacts related to the CCS2022 paper: C2C: Fine-grained Configuration-driven System Call Filter…☆11Nov 4, 2022Updated 3 years ago
- medium interaction postgresql honeypot☆12Aug 6, 2024Updated last year
- DEFCON 33 Workshop - Open Source Malware 101 - Everything you always wanted to know about npm malware (and more)☆16Aug 8, 2025Updated 8 months ago
- Open Source eBPF Malware Analysis Framework☆54Oct 20, 2024Updated last year
- Waffle is a library for integrating a Web Application Firewall (WAF) into Go applications.☆18Updated this week
- Keklick - C2 Hunting, Reporting and Visualization Tool☆63Jul 23, 2025Updated 9 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Debian10-Linux4.19 Hook sys_call_table By IDT☆11May 9, 2020Updated 5 years ago
- A Windows tool that converts LDIF files to BloodHound CE☆31Dec 20, 2025Updated 4 months ago
- eBPF Programs☆67Jul 3, 2025Updated 10 months ago
- A program for backup & restoration of btrfs subvolumes.☆13Mar 20, 2026Updated last month
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆141Feb 28, 2023Updated 3 years ago
- ☆12Mar 24, 2018Updated 8 years ago
- For BambooFox☆14Sep 25, 2016Updated 9 years ago
- Dataset from Linux Raspian VMs and devices with auditd logs capturing various container escape and attacks.☆15Jul 30, 2022Updated 3 years ago
- Enrich your investigations on IPs, Domains etc. with OSINT☆65Apr 4, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Simple music player for iOS using industry standard development practises☆10Jul 18, 2025Updated 9 months ago
- Matryoshka - stacked LKM loader☆55Oct 8, 2023Updated 2 years ago
- This repository provides a comprehensive Digital Footprint Checklist to help individuals manage their online presence and enhance privacy…☆17Dec 25, 2024Updated last year
- Vulnerable application for security issues demo☆18Jan 18, 2019Updated 7 years ago
- fuzz the linux kernel bpf verifier☆83Oct 9, 2021Updated 4 years ago
- A frozen version of angr for the SAILR paper☆16Sep 4, 2024Updated last year
- nysm is a stealth post-exploitation container.☆267Jun 19, 2025Updated 10 months ago
- Talk to a USB serial device without OS drivers!☆11Sep 7, 2022Updated 3 years ago
- An open-source tool for efficiently parsing x64dbg trace files (.trace32 & .trace64).☆43Jan 20, 2026Updated 3 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Kiddy - (linux) kernel identity spoofer☆16Mar 18, 2024Updated 2 years ago
- Tool for parsing hungarian laws (Rust version)☆12Aug 1, 2023Updated 2 years ago
- Proof-of-Concept to evade auditd by tampering via ptrace☆19Aug 3, 2023Updated 2 years ago
- Official implementation of "Poisoning Attacks on Cyber Attack Detectors for Industrial Control Systems" by Moshe Kravchik, Battista Biggi…☆14Mar 22, 2021Updated 5 years ago
- ☆13Jan 28, 2026Updated 3 months ago
- Mishky's AD Range & The Escalation Path from Hell, Version 1.1☆13May 7, 2025Updated 11 months ago
- misc scripts/utils that I've written that aren't deserving of own repos.☆14Aug 18, 2021Updated 4 years ago