h3xduck / TripleCrossLinks
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
☆1,902Updated last year
Alternatives and similar repositories for TripleCross
Users that are interested in TripleCross are comparing it to the libraries listed below
Sorting:
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.☆1,637Updated 2 years ago
- Credentials Dumper for Linux using eBPF☆1,147Updated last year
- ebpfkit is a rootkit powered by eBPF☆815Updated 2 years ago
- A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.☆869Updated 7 months ago
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆666Updated last year
- Red-Team Linux kernel rootkit☆593Updated this week
- Linux Kernel Hacking☆741Updated last year
- awesome-linux-rootkits☆1,952Updated 9 months ago
- LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)☆2,167Updated last week
- Linux/Windows post-exploitation framework made by linux user☆1,628Updated last week
- Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your enviro…☆1,252Updated last year
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆1,461Updated 2 years ago
- DeimosC2 is a Golang command and control framework for post-exploitation.☆1,137Updated 6 months ago
- Connect like there is no firewall. Securely.☆1,753Updated 3 weeks ago
- Shikata ga nai (仕方がない) encoder ported into go with several improvements☆1,848Updated last year
- Execute ELF files without dropping them on disk☆498Updated last year
- Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)☆1,104Updated 6 years ago
- A tool to kill antimalware protected processes☆1,476Updated 4 years ago
- Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.☆1,465Updated 3 years ago
- Statically-linked ssh server with reverse shell functionality for CTFs and such☆1,000Updated 2 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,193Updated 2 years ago
- Template-Driven AV/EDR Evasion Framework☆1,737Updated last year
- ☆2,152Updated 2 years ago
- Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)☆1,396Updated 8 months ago
- SSH based reverse shell☆1,261Updated last month
- A post exploitation framework designed to operate covertly on heavily monitored environments☆2,156Updated 4 years ago
- ☆1,727Updated last year
- Redress - A tool for analyzing stripped Go binaries☆1,121Updated last week
- Nidhogg is an all-in-one simple to use windows kernel rootkit.☆2,104Updated this week
- CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation☆575Updated 3 years ago