containerscrew / rootisnakedLinks
Simple root privilege escalation detection using eBPF π
β12Updated 4 months ago
Alternatives and similar repositories for rootisnaked
Users that are interested in rootisnaked are comparing it to the libraries listed below
Sorting:
- Publications from the eBPF foundationβ23Updated 7 months ago
- β74Updated this week
- β88Updated 11 months ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.β21Updated 9 months ago
- A replacement for "kubectl exec" that works over WebSocket connections.β40Updated last year
- β20Updated last month
- β41Updated last month
- K8s API Honeypot with Active Defense Capabilitiesβ40Updated last year
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.β100Updated 5 months ago
- Kubernetes offensive framework built in eBPFβ37Updated 2 years ago
- This tool have the power to hide any PID/directory in the Linux kernelβ27Updated 9 months ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.β74Updated last year
- β11Updated 4 months ago
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetesβ69Updated 2 months ago
- Threat Modeling (based on STRIDE approach) for Kubernetes systems.β22Updated 8 months ago
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).β81Updated last year
- etcd-k8s-extract takes in an etcd data directory or db file used in kubernetes, extracts the kubernetes resources and then writes the resβ¦β37Updated 5 months ago
- Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runtiβ¦β56Updated 6 months ago
- β21Updated 7 months ago
- Open Source runtime tool which help to detect malware code execution and run time mis-configuration change on a kubernetes clusterβ36Updated 3 years ago
- β63Updated 2 years ago
- Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG Appβ¦β65Updated 2 months ago
- β88Updated 3 weeks ago
- Demo repository for running eBPF in GitHub Actionsβ19Updated 3 months ago
- A collection of bypasses and exploits for eBPF-based cloud security.β23Updated last year
- proof-of-concept example of using eBPF to Monitor for eBPF Map tamperingβ22Updated 4 years ago
- Adversary emulation for EDR/SIEM testing (macOS/Linux)β46Updated last year
- An query language and interactive tooling to work with SBOM data.β14Updated 8 months ago
- β16Updated 11 months ago
- A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).β28Updated 4 months ago