hackerschoice / bpfhacks
eBPF hacks
☆186Updated 4 months ago
Alternatives and similar repositories for bpfhacks:
Users that are interested in bpfhacks are comparing it to the libraries listed below
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆112Updated last month
- Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86…☆130Updated 2 years ago
- nysm is a stealth post-exploitation container.☆246Updated last year
- SSHD Based implant supporting tunneling mecanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)☆264Updated 2 months ago
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF☆156Updated 8 months ago
- Get root via TTY / TIOCSTI stuffing☆73Updated 9 months ago
- reverse shell using curl☆206Updated 2 months ago
- Rust Linux Kernel Module designed for LKM rootkit detection☆42Updated last month
- A suite of services (SOCKS, FTP, shell, etc.) over Citrix, VMware Horizon and native Windows RDP virtual channels.☆205Updated 3 weeks ago
- A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs☆301Updated 3 months ago
- A delicious, but malicious SSL-VPN server 🌮☆219Updated 5 months ago
- Userland exec PoC to be used as attack vector technique☆85Updated 3 months ago
- HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems.☆62Updated 5 months ago
- ☆55Updated 6 months ago
- Collection of codes focused on Linux rootkits☆107Updated 2 months ago
- Linpmem is a linux memory acquisition tool☆82Updated 11 months ago
- Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…☆250Updated last year
- A prototype malware C2 channel using x509 certificates over mTLS☆153Updated last year
- Establishes persistence on a Linux system by creating a udev rule that triggers the execution of a specified payload (binary or script)☆143Updated 8 months ago
- In-Memory Rootkit For Linux☆69Updated 2 weeks ago
- ☆133Updated last year
- Pack/Encrypt/Obfuscate ELF + SHELL scripts☆294Updated 2 weeks ago
- Apply a divide and conquer approach to bypass EDRs☆280Updated last year
- Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock …☆187Updated 7 months ago
- Cheat sheet to detect and remove linux kernel rootkit☆57Updated 4 months ago
- An ssh honeypot with the XZ backdoor. CVE-2024-3094☆141Updated last year
- Elf binary infector written in Go.☆209Updated 3 months ago
- LD_PRELOAD rootkit☆131Updated last year
- WallEscape vulnerability in util-linux☆51Updated last year
- Monarch - The Adversary Emulation Toolkit☆62Updated 4 months ago