containerscrew / rootisnaked
Simple root privilege escalation detection using eBPF π
β12Updated 2 months ago
Alternatives and similar repositories for rootisnaked:
Users that are interested in rootisnaked are comparing it to the libraries listed below
- Publications from the eBPF foundationβ23Updated 4 months ago
- β69Updated 2 months ago
- K8s API Honeypot with Active Defense Capabilitiesβ40Updated last year
- β86Updated 9 months ago
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetesβ65Updated this week
- β20Updated 10 months ago
- proof-of-concept example of using eBPF to Monitor for eBPF Map tamperingβ21Updated 3 years ago
- β11Updated 2 months ago
- egrets monitors egressβ45Updated 4 years ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.β79Updated 3 months ago
- This tool have the power to hide any PID/directory in the Linux kernelβ23Updated 6 months ago
- A replacement for "kubectl exec" that works over WebSocket connections.β38Updated last year
- Adversary emulation for EDR/SIEM testing (macOS/Linux)β40Updated last year
- Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG Appβ¦β60Updated this week
- etcd-k8s-extract takes in an etcd data directory or db file used in kubernetes, extracts the kubernetes resources and then writes the resβ¦β37Updated 2 months ago
- Threat Modeling (based on STRIDE approach) for Kubernetes systems.β21Updated 5 months ago
- An query language and interactive tooling to work with SBOM data.β14Updated 5 months ago
- This repo contains various examples to learn, explore, and experiment with eBPF.β61Updated last month
- Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specificationβ65Updated 3 months ago
- β25Updated 10 months ago
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko geneβ¦β104Updated 11 months ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.β21Updated 7 months ago
- Kubernetes audit logging, when you don't control the control planeβ71Updated last week
- YouShallNotPass brings an added level of execution security to mission-critical CI/CD Systems.β36Updated last year
- Goby CLI eBPF Project Generatorβ30Updated last month
- π Seccomp profiling and function-level tracing tool.β151Updated last month
- A repository to store Rad Fingerprinting data.β24Updated 8 months ago
- A crawler for kernel releases distributed by the major Linux distributions.β13Updated 5 months ago
- β18Updated 2 weeks ago
- bpfluga is an agentless eBPF observability tool written in Go that deploys, manages, and detaches eBPF programs via SSH for deep kernel iβ¦β13Updated this week