h3xduck / TripleCross
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
☆1,785Updated 7 months ago
Related projects ⓘ
Alternatives and complementary repositories for TripleCross
- Credentials Dumper for Linux using eBPF☆1,116Updated 2 months ago
- ebpfkit is a rootkit powered by eBPF☆761Updated last year
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆548Updated 4 months ago
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.☆1,571Updated last year
- A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.☆799Updated last year
- Linux/Windows post-exploitation framework made by linux user☆1,381Updated this week
- awesome-linux-rootkits☆1,725Updated last year
- Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your enviro…☆1,175Updated 3 months ago
- Linux Kernel Hacking☆640Updated 7 months ago
- LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)☆1,844Updated last year
- DeimosC2 is a Golang command and control framework for post-exploitation.☆1,097Updated last year
- Linux kernel rootkit☆279Updated this week
- Statically-linked ssh server with reverse shell functionality for CTFs and such☆928Updated last year
- LKM Linux rootkit☆2,613Updated 3 years ago
- A collection of links related to VMware escape exploits☆1,362Updated 2 months ago
- Shikata ga nai (仕方がない) encoder ported into go with several improvements☆1,536Updated 9 months ago
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…☆2,037Updated 2 weeks ago
- This map lists the essential techniques to bypass anti-virus and EDR☆2,338Updated 11 months ago
- RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.☆1,410Updated 3 months ago
- Research code & papers from members of vx-underground.☆1,146Updated 2 years ago
- Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.☆1,358Updated 2 years ago
- A root exploit for CVE-2022-0847 (Dirty Pipe)☆1,092Updated 2 years ago
- A post exploitation framework designed to operate covertly on heavily monitored environments☆2,046Updated 3 years ago
- A tool to kill antimalware protected processes☆1,383Updated 3 years ago
- Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)☆1,209Updated 5 months ago
- Practice Go programming and implement CobaltStrike's Beacon in Go☆1,149Updated 4 years ago
- Sysmon for Linux☆1,749Updated last week
- SSH based reverse shell☆966Updated this week
- Execute ELF files without dropping them on disk☆482Updated 4 months ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆2,740Updated last year