landhb / DrawBridge
Layer 4 Single Packet Authentication Linux kernel module utilizing Netfilter hooks and kernel supported Berkeley Packet Filters (BPF)
☆114, updated last year
Alternatives and similar repositories for DrawBridge:
Users that are interested in DrawBridge are comparing it to the libraries listed below
- Whitelisting LD_PRELOAD libraries using LD_AUDIT (☆62, updated 3 years ago)
- eBPF - extended Berkeley Packet Filter tooling (☆123, updated 2 years ago)
- Linux 4.9 Loadable Kernel Module to hide processes from system utilities (☆67, updated 6 years ago)
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits (☆127, updated 2 years ago)
- ICMP and DNS tunneling via IPv4 and IPv6 (☆202, updated last year)
- ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection) (☆130, updated 6 years ago)
- monitor and protect SSH sessions with eBPF (☆66, updated 3 years ago)
- Disabling kernel lockdown on Ubuntu without physical access (☆79, updated 2 years ago)
- LKRG bypass methods (☆71, updated 5 years ago)
- Small tool to run ELF binaries from memory with a given process name (☆160, updated 3 years ago)
- Linux v4.x.x Rootkit (☆89, updated 7 months ago)
- out-of-tree kernel {module, exploit} development tool (☆226, updated 3 months ago)
- a friendly wrapper around ptrace (☆132, updated 2 years ago)
- Example program using eBPF to log data being passed in using shell pipes (☆41, updated 4 years ago)
- Kernel-Mode Rootkit Hunter (☆363, updated 3 years ago)
- Rootkit Detector for UNIX (☆61, updated last year)
- Vault Exploit Defense (☆123, updated 6 months ago)
- Tool to examine the behaviour of setuid binaries under constrained limits. (☆62, updated 3 years ago)
- egrets monitors egress (☆46, updated 4 years ago)
- The first Linux hooking framework to allow merging two binary files into one! (☆94, updated 4 years ago)
- A keystroke / terminal logger for Linux. (☆216, updated 8 months ago)
- crypted admin shell: SSH-like strong crypto remote admin shell for Linux, BSD, Android, Solaris and OSX (☆194, updated 5 months ago)
- Backdoor that listens for specially crafted ICMP packets and spawns reverse shells. (☆68, updated 5 years ago)
- This is a kernel module invoked reverse shell proof of concept. (☆72, updated 5 years ago)
- Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017) (☆185, updated 5 years ago)
- TCP/UDP symmetric encryption tunnel wrapper (☆120, updated 4 years ago)
- General Research Repository - Only updated when I feel like it (☆28, updated 4 months ago)
- disable LD_PRELOAD on linux (☆21, updated 8 years ago)
- E2E encryption for multi-hop tty sessions or portshells + TCP/UDP port forward (☆120, updated 4 months ago)
- Linux Rootkit Scanner (☆86, updated 3 years ago)