containerscrew / rootisnakedLinks
Simple root privilege escalation detection using eBPF π
β12Updated 5 months ago
Alternatives and similar repositories for rootisnaked
Users that are interested in rootisnaked are comparing it to the libraries listed below
Sorting:
- Publications from the eBPF foundationβ23Updated 8 months ago
- β81Updated last week
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.β106Updated 6 months ago
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetesβ71Updated 3 months ago
- β88Updated last year
- A replacement for "kubectl exec" that works over WebSocket connections.β40Updated last year
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.β74Updated last year
- Threat Modeling (based on STRIDE approach) for Kubernetes systems.β25Updated 9 months ago
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).β82Updated last year
- β42Updated 2 months ago
- Kubernetes offensive framework built in eBPFβ37Updated 2 years ago
- π Seccomp profiling and function-level tracing tool.β156Updated last month
- β21Updated 2 months ago
- Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG Appβ¦β65Updated 3 months ago
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko geneβ¦β104Updated last year
- β21Updated 8 months ago
- β11Updated 5 months ago
- K8s API Honeypot with Active Defense Capabilitiesβ40Updated last year
- AttachΓ© provides an emulation layer for Cloud Provider IMDS APIsβ57Updated last year
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilitiesβ102Updated 9 months ago
- π Ransomware Detection using Machine Learning with eBPF for Linux.β64Updated 7 months ago
- Linux Process Discovery. C Library, Go bindings, Runtime.β222Updated 2 years ago
- Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - The detection capabilities can also be usβ¦β51Updated this week
- Generate a variety of suspect actions that are detected by Falco rulesetsβ106Updated last month
- etcd-k8s-extract takes in an etcd data directory or db file used in kubernetes, extracts the kubernetes resources and then writes the resβ¦β37Updated 6 months ago
- β55Updated 2 weeks ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.β21Updated 10 months ago
- Measure UDP and TCP connection latency for IPv4 and IPv6 using eBPF and Goβ68Updated this week
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this β¦β116Updated 2 months ago
- β63Updated 2 years ago