pathtofile/bpf-hookdetect

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/pathtofile/bpf-hookdetect)

pathtofile / bpf-hookdetect

Dectect syscall hooking using eBPF

☆170

Alternatives and similar repositories for bpf-hookdetect

Users that are interested in bpf-hookdetect are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

linuxthor / rkbreaker
View on GitHub
Rootkit breaker - experimental Linux anti-rootkit tool based on kprobes
☆12Sep 30, 2020Updated 5 years ago
CDuPlooy / arm64tracer
View on GitHub
☆15Jun 24, 2021Updated 4 years ago
lumontec / lsmtrace
View on GitHub
Trace deep kernel events through eBPF and lsm hooks
☆42Feb 9, 2021Updated 5 years ago
citronneur / blindssl
View on GitHub
Disable SSL certificate verification for all binaries that use libssl
☆48Jul 15, 2022Updated 3 years ago
0xjacklove / xflower
View on GitHub
deobfuscation BR
☆56Mar 4, 2024Updated 2 years ago
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
redcanaryco / redcanary-ebpf-sensor
View on GitHub
Red Canary's eBPF Sensor
☆114Apr 15, 2026Updated 2 weeks ago
linuxthor / rkspotter
View on GitHub
Rootkit spotter - experimental Linux rootkit finder LKM
☆30Oct 11, 2020Updated 5 years ago
linux-lock / bpflock
View on GitHub
bpflock - eBPF driven security for locking and auditing Linux machines
☆152Feb 16, 2022Updated 4 years ago
carloslack / KoviD
View on GitHub
Red-Team LKM
☆633Apr 20, 2026Updated last week
tiann / ebpf-jnitrace
View on GitHub
Trace jni calls with eBPF on Android
☆24Jun 21, 2022Updated 3 years ago
gojue / ehids-agent
View on GitHub
A Linux Host-based Intrusion Detection System based on eBPF.
☆457Dec 20, 2023Updated 2 years ago
pathtofile / bad-bpf
View on GitHub
A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29
☆685Jul 7, 2024Updated last year
SsageParuders / Android_SVC_Edu
View on GitHub
A Project for people to study android svc.
☆26Aug 12, 2022Updated 3 years ago
NinnOgTonic / Out-of-Sight-Out-of-Mind-Rootkit
View on GitHub
Rootkit
☆24Nov 15, 2014Updated 11 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
h3xduck / TripleCross
View on GitHub
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
☆1,959Apr 7, 2024Updated 2 years ago
krisnova / boopkit
View on GitHub
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
☆1,665Oct 19, 2023Updated 2 years ago
5ec1cff / IntentTracker
View on GitHub
☆30May 13, 2025Updated 11 months ago
Gui774ume / ebpfkit
View on GitHub
ebpfkit is a rootkit powered by eBPF
☆846Feb 28, 2023Updated 3 years ago
kiosk404 / openssl_tracer
View on GitHub
openssl tracer using eBPF
☆16Jan 4, 2026Updated 3 months ago
nullhook / ollvm-14.x
View on GitHub
WIP
☆15Jan 13, 2022Updated 4 years ago
gojue / ebpfmanager
View on GitHub
A golang ebpf libary based on cilium/ebpf and datadog/ebpf.
☆350May 18, 2025Updated 11 months ago
m0nad / Diamorphine
View on GitHub
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
☆2,313Updated this week
BassamGraini / CVE-2022-2588
View on GitHub
☆12Dec 16, 2022Updated 3 years ago
End-to-end encrypted cloud storage - Proton Drive • Ad
Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
gojue / rootkit-sample
View on GitHub
☆48Mar 19, 2022Updated 4 years ago
gagalin95 / FART_repairdex
View on GitHub
修复通过FART dump下来的dex
☆29Aug 1, 2020Updated 5 years ago
lockedbyte / so_loader
View on GitHub
In-memory ELF shared library loading
☆45Dec 18, 2022Updated 3 years ago
huaerxiela / frida-script
View on GitHub
☆58Nov 10, 2021Updated 4 years ago
3intermute / arm64_silent_syscall_hook
View on GitHub
silent syscall hooking without modifying sys_call_table/handlers via patching exception handler
☆153Apr 22, 2024Updated 2 years ago
ajmwagar / tetanus
View on GitHub
A proof-of-concept reverse-shell written in rust.
☆32Apr 26, 2019Updated 7 years ago
AkaAny / proc_injector
View on GitHub
Inject remote process without using ptrace on linux based system
☆19Apr 26, 2022Updated 4 years ago
SsageParuders / Android_Anti-Hcak_Inotify
View on GitHub
Inotify监听测试
☆35Apr 17, 2022Updated 4 years ago
reveny / Android-Library-Remap-Hide
View on GitHub
Remap a library to avoid detection
☆133Feb 1, 2024Updated 2 years ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
wuyr / agent-injector-for-android
View on GitHub
基于JVMTI实现的Android端动态代码注入工具
☆41May 10, 2024Updated last year
FrenchYeti / interruptor
View on GitHub
Human-friendly cross-platform system call tracing and hooking library based on Frida's Stalker
☆356Jul 21, 2023Updated 2 years ago
tr3ee / CVE-2022-23222
View on GitHub
CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation
☆579Jun 7, 2022Updated 3 years ago
SeeFlowerX / frida-smali-trace
View on GitHub
smali trace
☆209May 22, 2022Updated 3 years ago
VerSprite / engage
View on GitHub
Tools and Materials for the Frida Engage Blog Series
☆45Mar 28, 2018Updated 8 years ago
binarly-io / idapcode
View on GitHub
IDA plugin that displays the P-code for the current function
☆72Nov 18, 2025Updated 5 months ago
KKGanguly / DataCentricFuzzJS
View on GitHub
☆16Feb 27, 2026Updated 2 months ago