citronneur / pamspyLinks
Credentials Dumper for Linux using eBPF
☆1,145Updated last year
Alternatives and similar repositories for pamspy
Users that are interested in pamspy are comparing it to the libraries listed below
Sorting:
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,903Updated last year
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.☆1,637Updated last year
- A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.☆866Updated 6 months ago
- eBPF Port Knocking Tool☆235Updated 2 years ago
- Connect like there is no firewall. Securely.☆1,748Updated last week
- SSH-MITM - ssh audits made simple☆1,410Updated this week
- MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash☆797Updated 3 years ago
- Statically-linked ssh server with reverse shell functionality for CTFs and such☆999Updated 2 years ago
- ebpfkit is a rootkit powered by eBPF☆810Updated 2 years ago
- Execute ELF files without dropping them on disk☆498Updated last year
- Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.☆1,465Updated 2 years ago
- Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.☆825Updated 3 weeks ago
- Windows x64 handcrafted token stealing kernel-mode shellcode☆510Updated last year
- Scan memory for secrets and more. Maybe eventually a full /proc toolkit.☆660Updated 3 years ago
- SSH based reverse shell☆1,251Updated 2 weeks ago
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs☆1,224Updated 2 years ago
- Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent☆536Updated 4 years ago
- A root exploit for CVE-2022-0847 (Dirty Pipe)☆1,117Updated 3 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆1,455Updated 2 years ago
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆661Updated last year
- Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/☆1,786Updated 2 years ago
- Wiretap is a transparent, VPN-like proxy server that tunnels traffic via WireGuard and requires no special privileges to run.☆1,008Updated 2 weeks ago
- Sandman is a NTP based backdoor for hardened networks.☆808Updated last year
- CVE-2022-0995 exploit☆496Updated 3 years ago
- Inject a shared library (i.e. arbitrary code) into a live linux process, without ptrace☆808Updated 7 months ago
- Fully dockerized Linux kernel debugging environment☆767Updated last year
- Red-Team Linux kernel rootkit☆581Updated this week
- Shellcode injection technique. Given as C++ header, standalone Rust program or library.☆706Updated 2 years ago
- DeimosC2 is a Golang command and control framework for post-exploitation.☆1,139Updated 5 months ago
- Tracking interesting Linux (and UNIX) malware. Send PRs☆1,194Updated 4 months ago