citronneur / pamspy
Credentials Dumper for Linux using eBPF
☆1,136Updated 6 months ago
Alternatives and similar repositories for pamspy:
Users that are interested in pamspy are comparing it to the libraries listed below
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,826Updated 11 months ago
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.☆1,595Updated last year
- ebpfkit is a rootkit powered by eBPF☆782Updated 2 years ago
- eBPF Port Knocking Tool☆232Updated last year
- A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.☆821Updated last week
- Windows x64 handcrafted token stealing kernel-mode shellcode☆506Updated 11 months ago
- Connect like there is no firewall. Securely.☆1,652Updated this week
- MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash☆786Updated 2 years ago
- Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.☆1,388Updated 2 years ago
- Statically-linked ssh server with reverse shell functionality for CTFs and such☆955Updated 2 years ago
- SSH-MITM - ssh audits made simple☆1,379Updated 3 weeks ago
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs☆1,188Updated last year
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆592Updated 8 months ago
- Fully dockerized Linux kernel debugging environment☆748Updated 6 months ago
- CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation☆564Updated 2 years ago
- Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your enviro…☆1,211Updated 7 months ago
- Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.☆1,074Updated last month
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆1,430Updated last year
- Inject a shared library (i.e. arbitrary code) into a live linux process, without ptrace☆785Updated last month
- Scan memory for secrets and more. Maybe eventually a full /proc toolkit.☆645Updated 2 years ago
- Linux Application Level Firewall based on eBPF and NFQUEUE.☆697Updated last year
- A crossplatform mDNS enumeration tool.☆349Updated 2 years ago
- Linux Kernel Defence Map shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and de…☆1,873Updated 3 months ago
- CVE-2022-0995 exploit☆496Updated 3 years ago
- A root exploit for CVE-2022-0847 (Dirty Pipe)☆1,095Updated 3 years ago
- Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/☆1,752Updated 2 years ago
- Execute ELF files without dropping them on disk☆491Updated 9 months ago
- Redress - A tool for analyzing stripped Go binaries☆1,012Updated last week
- Practice Go programming and implement CobaltStrike's Beacon in Go☆1,181Updated 4 years ago
- This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.☆489Updated 3 months ago