eBPF Port Knocking Tool
☆238Aug 23, 2023Updated 2 years ago
Alternatives and similar repositories for knockles
Users that are interested in knockles are comparing it to the libraries listed below
Sorting:
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.☆1,664Oct 19, 2023Updated 2 years ago
- nysm is a stealth post-exploitation container.☆267Jun 19, 2025Updated 8 months ago
- Linux Kernel Runtime Integrity with eBPF☆184Nov 23, 2023Updated 2 years ago
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,945Apr 7, 2024Updated last year
- Credentials Dumper for Linux using eBPF☆1,157Sep 9, 2024Updated last year
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆80Aug 7, 2024Updated last year
- A fancy-schmancy tcpdump-esque TUI, programmed in Go.☆377May 1, 2022Updated 3 years ago
- Fully dockerized Linux kernel debugging environment☆770Sep 23, 2024Updated last year
- ☆21Jun 3, 2021Updated 4 years ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Aug 30, 2024Updated last year
- A python package that helps with analysis of MSI files☆14Mar 28, 2021Updated 4 years ago
- reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support☆23Sep 15, 2021Updated 4 years ago
- CVE-2023-1671-POC, based on dnslog platform☆17Apr 26, 2023Updated 2 years ago
- Make Portable AppImages from Distro Packages☆20Feb 17, 2022Updated 4 years ago
- build distroless images with alpine tools☆130May 17, 2022Updated 3 years ago
- Linux Process Discovery. C Library, Go bindings, Runtime.☆223Jul 20, 2022Updated 3 years ago
- A Linux x86/x86-64 tool to trace registers and memory regions.☆40Jun 9, 2022Updated 3 years ago
- Parses BGP/AS data from multiple different sources☆11Dec 4, 2021Updated 4 years ago
- flexible, structured event replication format for DNS servers (Protocol Buffers schema)☆27Feb 1, 2025Updated last year
- Linux Runtime Security and Forensics using eBPF☆4,406Updated this week
- GUSTAVE is a fuzzing platform for embedded OS kernels. It is based on QEMU and AFL (and all of its forkserver siblings). It allows to fuz…☆202Jul 28, 2021Updated 4 years ago
- The Noisy Sockets CLI☆264Sep 20, 2024Updated last year
- A Rust library for managing eBPF programs.☆123Feb 26, 2024Updated 2 years ago
- ☆21Sep 25, 2018Updated 7 years ago
- Slides and videos from talks given at cons☆25Jun 19, 2025Updated 8 months ago
- 非流量触发Ring 3后门/Non-traffic triggers Ring 3 backdoor☆22May 1, 2024Updated last year
- Process behaviour anomaly detection using eBPF and unsupervised-learning Autoencoders☆138Aug 15, 2022Updated 3 years ago
- eBPF-based Security Observability and Runtime Enforcement☆4,463Updated this week
- Simple implementation of an AppSec Pipeline using the Gasp library☆13Sep 8, 2019Updated 6 years ago
- ☆10May 12, 2022Updated 3 years ago
- JA4TScan is an active TCP server fingerprinting tool.☆105Aug 29, 2024Updated last year
- Linux Application Level Firewall based on eBPF and NFQUEUE.☆705Nov 5, 2023Updated 2 years ago
- OCI hook to trace syscalls and generate a seccomp profile☆338Feb 12, 2026Updated 3 weeks ago
- Shape your traffic the BPF way☆81Jul 14, 2023Updated 2 years ago
- ptrace-based event producer for udig☆67Jul 20, 2022Updated 3 years ago
- Linux system calls.☆217Nov 18, 2019Updated 6 years ago
- Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS☆1,658Jan 8, 2025Updated last year
- Reference DHCP client in go☆10Jul 1, 2024Updated last year
- ☆12May 13, 2024Updated last year