gwillgues/BPFDoor external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

gwillgues/BPFDoor

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/gwillgues/BPFDoor)

Close

gwillgues / BPFDoorView on GitHubMore

• External links
• Readme badge

BPFDoor Source Code. Originally found from Chinese Threat Actor Red Menshen

☆270May 11, 2022Updated 3 years ago

Alternatives and similar repositories for BPFDoor

Users that are interested in BPFDoor are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• snapattack / bpfdoor-scanner

  View on GitHub
  BPFDoor Scanner - Check for Compromised Hosts
  ☆44May 12, 2022Updated 3 years ago
• raj3shp / bpfdoorpoc

  View on GitHub
  A small PoC for bpfdoor malware technique
  ☆20Feb 2, 2024Updated 2 years ago
• ChoiSG / bin2sideload

  View on GitHub
  ☆12Nov 12, 2023Updated 2 years ago
• xunyang1 / ssp_dump_lsass

  View on GitHub
  RPC 调用添加ssp扩展dump lsass
  ☆24Aug 16, 2022Updated 3 years ago
• timwhitez / Bof2PIC

  View on GitHub
  BOF/COFF obj file to PIC(shellcode). by golang
  ☆39Sep 28, 2022Updated 3 years ago
• Deploy open-source AI quickly and easily - Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• mr-tz / idapython

  View on GitHub
  IDAPython scripts
  ☆15Aug 24, 2017Updated 8 years ago
• edwardzpeng / Paper

  View on GitHub
  ☆10Mar 3, 2024Updated 2 years ago
• blackcon / HVFUZZ

  View on GitHub
  Hyper-V Fuzzer using hAFL2
  ☆11May 10, 2022Updated 3 years ago
• bluedragonsecurity / bds_lkm_ftrace

  View on GitHub
  Ftrace Based Linux Loadable Kernel Module Rootkit for Linux Kernel 5.x up to linux kernel 6.2 on x86_64, hides files, hides process, hide…
  ☆31Feb 4, 2026Updated 2 months ago
• CTFd / DynamicValueChallenge

  View on GitHub
  CTFd Challenge Type which decreases its value after every solve
  ☆18Feb 1, 2019Updated 7 years ago
• tahadraidia / rp4windbg

  View on GitHub
  Windbg extension port for rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
  ☆13Sep 8, 2023Updated 2 years ago
• je5442804 / WPTaskScheduler_CVE-2024-49039

  View on GitHub
  WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler
  ☆142Jul 21, 2025Updated 8 months ago
• leodido / demo-cloud-native-ebpf-day

  View on GitHub
  Various eBPF programs for tracing network connections
  ☆32Oct 26, 2021Updated 4 years ago
• okppp990 / phishlets

  View on GitHub
  ☆12Jul 11, 2023Updated 2 years ago
• Deploy open-source AI quickly and easily - Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• MalwareLeaks / Conti-Ransomware-Source-Full

  View on GitHub
  Conti Ransomware malware leak WITH LOCKER
  ☆25Mar 5, 2022Updated 4 years ago
• chumachok / cat-soup

  View on GitHub
  ebpf covert channel rootkit
  ☆15Feb 6, 2024Updated 2 years ago
• sumeshi / ntfsfind

  View on GitHub
  An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.
  ☆28Updated this week
• ait-aecid / rootkit-detection-ebpf-time-trace

  View on GitHub
  Detection of rootkit file hiding activities through analysis of shifts in kernel function execution times.
  ☆29Sep 10, 2025Updated 7 months ago
• d0ub1ec0d3 / SharpEmailC2

  View on GitHub
  ☆18Nov 23, 2023Updated 2 years ago
• R3tr074 / exploits

  View on GitHub
  ☆47May 13, 2024Updated last year
• oXis / DoublePulsarPayload

  View on GitHub
  C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.
  ☆31Nov 9, 2021Updated 4 years ago
• tianstcht / CVE-2023-4427

  View on GitHub
  ☆28Feb 6, 2024Updated 2 years ago
• BronzeBee / cve-2023-23397

  View on GitHub
  Python script for sending e-mails with CVE-2023-23397 payload using SMTP
  ☆14Mar 22, 2023Updated 3 years ago
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• Dor00tkit / CVE-2024-30090

  View on GitHub
  CVE-2024-30090 - LPE PoC
  ☆107Oct 17, 2024Updated last year
• repnz / shellcode2exe

  View on GitHub
  Batch script to compile a binary shellcode blob into an exe file
  ☆90Jul 12, 2019Updated 6 years ago
• dexterm300 / CVE-2025-62215-exploit-poc

  View on GitHub
  CVE-2025-62215 is an Elevation of Privilege (EoP) vulnerability in the Windows Kernel, disclosed in November 2025 and confirmed to be act…
  ☆32Nov 14, 2025Updated 5 months ago
• MurryPuppins / Parasite

  View on GitHub
  Linux Kernel Module Rootkit with module hiding, RCE/reverse shell, and persistence capabilities
  ☆15Feb 23, 2023Updated 3 years ago
• akamai / CVE-2025-27636-Apache-Camel-PoC

  View on GitHub
  ☆42Mar 12, 2025Updated last year
• the-deniss / Vulnerability-Disclosures

  View on GitHub
  Vulnerability analysis and proof of concepts
  ☆40May 15, 2023Updated 2 years ago
• theSecHunter / Hades-Linux

  View on GitHub
  Hades is a Host-Based Intrusion Detection System based on both eBPF(kernel) and netlink/cn_proc(userspace).
  ☆28Dec 14, 2024Updated last year
• awgh / rawreader

  View on GitHub
  Implements io.ReaderAt over raw memory.
  ☆13Jun 26, 2020Updated 5 years ago
• mistymntncop / CVE-2024-7971

  View on GitHub
  ☆34Apr 14, 2025Updated last year
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• rabidwh0re / REALITY_SMASHER

  View on GitHub
  vRealize RCE + Privesc (CVE-2021-21975, CVE-2021-21983, CVE-0DAY-?????)
  ☆39Apr 7, 2021Updated 5 years ago
• Wh04m1001 / ZoneAlarmEoP

  View on GitHub
  Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV
  ☆26Sep 26, 2022Updated 3 years ago
• n1ght-w0lf / pe-unmapper

  View on GitHub
  A small tool to unmap PE memory dumps.
  ☆11Nov 9, 2023Updated 2 years ago
• abougouffa / cia-hive

  View on GitHub
  Hive, a major component of the CIA infrastructure to control its malware.
  ☆17Dec 26, 2017Updated 8 years ago
• NtDallas / MemLoader

  View on GitHub
  Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible
  ☆274Jun 18, 2025Updated 10 months ago
• SaadAhla / VSCode-Backdoor

  View on GitHub
  Backdooring VSCode Projects
  ☆130Jun 5, 2025Updated 10 months ago
• veritas501 / glibc_got_hijack_study

  View on GitHub
  study https://github.com/n132/Libc-GOT-Hijacking
  ☆15Dec 7, 2023Updated 2 years ago