citronneur / blindssl

Related projects: ⓘ

• pathtofile / bpf-pipesnoop
  Example program using eBPF to log data being based in using shell pipes
  ☆40Updated 3 years ago
• pathtofile / bpf-hookdetect
  Dectect syscall hooking using eBPF
  ☆139Updated last year
• rexguowork / phantom-attack
  POC for Phantom Attack
  ☆79Updated 2 years ago
• redcanaryco / ebpfmon
  ☆82Updated 2 months ago
• trailofbits / ebpf-verifier
  Harness for the Linux kernel eBPF verifier
  ☆32Updated 2 years ago
• arthepsy / linux-portable-bin
  Portable (static / old glibc linked) Linux binaries for red-team / blue-team
  ☆14Updated 6 months ago
• yasindce1998 / KubeDagger
  Kubernetes offensive framework built in eBPF
  ☆34Updated last year
• kkamagui / alcatraz
  Alcatraz project for Black Hat USA 2021
  ☆76Updated 3 years ago
• airbus-cert / dirtypipe-ebpf_detection
  An eBPF detection program for CVE-2022-0847
  ☆27Updated 2 years ago
• blechschmidt / tlsdump
  A ptrace-based TLS 1.2 master secret extractor for reverse engineering (PoC)
  ☆23Updated 6 months ago
• netdata / ebpf-co-re
  CO-RE code for the Netdata eBPF plugin.
  ☆11Updated 2 weeks ago
• hardenedvault / ved-ebpf
  VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF
  ☆147Updated last week
• lumontec / lsmtrace
  Trace deep kernel events through eBPF and lsm hooks
  ☆32Updated 3 years ago
• linux-lock / bpflock
  bpflock - eBPF driven security for locking and auditing Linux machines
  ☆136Updated 2 years ago
• nccgroup / insject
  insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.
  ☆49Updated 2 years ago
• sam4k / lica
  A hacky tool for analysing linux kernel commits
  ☆35Updated last year
• pathtofile / commandline_cloaking
  A collection of projects demonstrating various commandline cloaking techniques on Linux
  ☆53Updated 2 years ago
• kiosk404 / openssl_tracer
  openssl tracer using eBPF
  ☆13Updated 2 years ago
• SafeBreach-Labs / CoWTools
  Tools for analyzing Windows containers and break container's isolation
  ☆27Updated 2 years ago
• pokerfaceSad / CVE-2021-1056
  PoC for CVE-2021-1056, related to GPU Container Security
  ☆15Updated 3 years ago
• PaloAltoNetworks / can-ctr-escape-cve-2022-0492
  Test whether a container environment is vulnerable to container escapes via CVE-2022-0492
  ☆46Updated 2 years ago
• bodgergely / linux_kernel_hacking
  Hacking the Linux kernel
  ☆13Updated last year
• Gui774ume / fsprobe
  A file system events notifier based on eBPF
  ☆54Updated last year
• milabs / kopycat
  Linux Kernel module-less implant (backdoor)
  ☆64Updated 3 years ago
• hacktivesec / KRWX
  Kernel Read Write Execute
  ☆34Updated 3 weeks ago
• grimm-co / linuxklee
  Pulled out Linux kernel code to run in userland so they could be targeted by AFL and KLEE
  ☆19Updated 4 years ago
• Asphaltt / socketrace
  socketrace is an eBPF-based tool to trace kernel socket events. License Apache 2.0 and GPL-2.0
  ☆27Updated 7 months ago
• Gui774ume / ebpfkit-monitor
  ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
  ☆120Updated last year
• irsl / CVE-2020-1967
  Proof of concept exploit about OpenSSL signature_algorithms_cert DoS flaw (CVE-2020-1967)
  ☆19Updated 3 months ago
• immune-gmbh / tpm-vuln-checker
  Checks for tpm vulnerabilities
  ☆35Updated last year