eeriedusk / knockles

Related projects ⓘ

Alternatives and complementary repositories for knockles

• krisnova / xpid
  Linux Process Discovery. C Library, Go bindings, Runtime.
  ☆218Updated 2 years ago
• evilsocket / ebpf-process-anomaly-detection
  Process behaviour anomaly detection using eBPF and unsupervised-learning Autoencoders
  ☆127Updated 2 years ago
• quarkslab / peetch
  An eBPF playground
  ☆195Updated 11 months ago
• citronneur / pamspy
  Credentials Dumper for Linux using eBPF
  ☆1,116Updated 2 months ago
• jafarlihi / modreveal
  Utility to find hidden Linux kernel modules
  ☆147Updated last year
• exein-io / kepler
  NIST-based CVE lookup store and API powered by Rust.
  ☆126Updated 3 weeks ago
• Gui774ume / ssh-probe
  monitor and protect SSH sessions with eBPF
  ☆65Updated 3 years ago
• TimeToogo / remote-pty
  Tricking shells into interactive mode when local PTY's are not available
  ☆141Updated 2 years ago
• redcanaryco / oxidebpf
  A Rust library for managing eBPF programs.
  ☆116Updated 8 months ago
• liamg / siphon
  Intercept stdin/stdout/stderr for any process
  ☆196Updated 2 years ago
• anvilsecure / ulexecve
  ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries…
  ☆180Updated 10 months ago
• poettering / diskomator
  🦠 NVMe-TCP at your fingertips 🦠
  ☆295Updated 6 months ago
• c-grimshaw / gosniff
  A fancy-schmancy tcpdump-esque TUI, programmed in Go.
  ☆363Updated 2 years ago
• noisysockets / nsh
  The Noisy Sockets CLI
  ☆254Updated 2 months ago
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆101Updated 4 months ago
• jamespwilliams / dns-over-ping
  DNS-over-ping(8)
  ☆125Updated 2 years ago
• winterknife / PINKPANTHER
  Windows x64 handcrafted token stealing kernel-mode shellcode
  ☆503Updated 7 months ago
• hackerschoice / bpfhacks
  eBPF hacks
  ☆173Updated 2 months ago
• rpetrich / callander
  Simple syscall sandboxing for Linux
  ☆128Updated this week
• alessandrod / snuffy
  Snuffy is a simple command line tool to inspect SSL/TLS data.
  ☆290Updated 4 years ago
• hardenedvault / ved-ebpf
  VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF
  ☆150Updated 2 months ago
• dlenski / what-vpn
  Identify servers running various SSL VPNs based on protocol-specific behaviors
  ☆81Updated last month
• Gui774ume / ebpfkit
  ebpfkit is a rootkit powered by eBPF
  ☆761Updated last year
• linux-lock / bpflock
  bpflock - eBPF driven security for locking and auditing Linux machines
  ☆136Updated 2 years ago
• hackerschoice / zapper
  Zaps arguments and environment from the process list
  ☆179Updated 6 months ago
• redcanaryco / ebpfmon
  ☆84Updated 4 months ago
• Gui774ume / ebpfkit-monitor
  ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
  ☆123Updated last year
• BishopFox / asminject
  Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86…
  ☆117Updated 2 years ago
• PurpleVsGreen / beacown
  ☆128Updated 2 years ago