pathtofile/bpf-hookdetect

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/pathtofile/bpf-hookdetect)

pathtofile / bpf-hookdetect

Dectect syscall hooking using eBPF

☆170

Alternatives and similar repositories for bpf-hookdetect

Users that are interested in bpf-hookdetect are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

linuxthor / rkbreaker
View on GitHub
Rootkit breaker - experimental Linux anti-rootkit tool based on kprobes
☆12Sep 30, 2020Updated 5 years ago
CDuPlooy / arm64tracer
View on GitHub
☆15Jun 24, 2021Updated 4 years ago
lumontec / lsmtrace
View on GitHub
Trace deep kernel events through eBPF and lsm hooks
☆44Feb 9, 2021Updated 5 years ago
citronneur / blindssl
View on GitHub
Disable SSL certificate verification for all binaries that use libssl
☆48Jul 15, 2022Updated 3 years ago
0xjacklove / xflower
View on GitHub
deobfuscation BR
☆56Mar 4, 2024Updated 2 years ago
Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
redcanaryco / redcanary-ebpf-sensor
View on GitHub
Red Canary's eBPF Sensor
☆115Apr 15, 2026Updated last month
linuxthor / rkspotter
View on GitHub
Rootkit spotter - experimental Linux rootkit finder LKM
☆30Oct 11, 2020Updated 5 years ago
linux-lock / bpflock
View on GitHub
bpflock - eBPF driven security for locking and auditing Linux machines
☆154Feb 16, 2022Updated 4 years ago
carloslack / KoviD
View on GitHub
Red-Team LKM
☆642May 31, 2026Updated last week
tiann / ebpf-jnitrace
View on GitHub
Trace jni calls with eBPF on Android
☆24Jun 21, 2022Updated 3 years ago
gojue / ehids-agent
View on GitHub
A Linux Host-based Intrusion Detection System based on eBPF.
☆456Dec 20, 2023Updated 2 years ago
pathtofile / bad-bpf
View on GitHub
A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29
☆689Jul 7, 2024Updated last year
SsageParuders / Android_SVC_Edu
View on GitHub
A Project for people to study android svc.
☆26Aug 12, 2022Updated 3 years ago
NinnOgTonic / Out-of-Sight-Out-of-Mind-Rootkit
View on GitHub
Rootkit
☆24Nov 15, 2014Updated 11 years ago
Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
h3xduck / TripleCross
View on GitHub
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
☆1,962Apr 7, 2024Updated 2 years ago
krisnova / boopkit
View on GitHub
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
☆1,668Oct 19, 2023Updated 2 years ago
5ec1cff / IntentTracker
View on GitHub
☆30May 13, 2025Updated last year
Gui774ume / ebpfkit
View on GitHub
ebpfkit is a rootkit powered by eBPF
☆847Feb 28, 2023Updated 3 years ago
kiosk404 / openssl_tracer
View on GitHub
openssl tracer using eBPF
☆15Jan 4, 2026Updated 5 months ago
nullhook / ollvm-14.x
View on GitHub
WIP
☆15Jan 13, 2022Updated 4 years ago
gojue / ebpfmanager
View on GitHub
A golang ebpf libary based on cilium/ebpf and datadog/ebpf.
☆351May 18, 2025Updated last year
m0nad / Diamorphine
View on GitHub
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
☆2,358Apr 27, 2026Updated last month
BassamGraini / CVE-2022-2588
View on GitHub
☆12Dec 16, 2022Updated 3 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
gojue / rootkit-sample
View on GitHub
☆48Mar 19, 2022Updated 4 years ago
gagalin95 / FART_repairdex
View on GitHub
修复通过FART dump下来的dex
☆28Aug 1, 2020Updated 5 years ago
lockedbyte / so_loader
View on GitHub
In-memory ELF shared library loading
☆45Dec 18, 2022Updated 3 years ago
huaerxiela / frida-script
View on GitHub
☆58Nov 10, 2021Updated 4 years ago
3intermute / arm64_silent_syscall_hook
View on GitHub
silent syscall hooking without modifying sys_call_table/handlers via patching exception handler
☆155Apr 22, 2024Updated 2 years ago
AkaAny / proc_injector
View on GitHub
Inject remote process without using ptrace on linux based system
☆19Apr 26, 2022Updated 4 years ago
SsageParuders / Android_Anti-Hcak_Inotify
View on GitHub
Inotify监听测试
☆35Apr 17, 2022Updated 4 years ago
reveny / Android-Library-Remap-Hide
View on GitHub
Remap a library to avoid detection
☆134Feb 1, 2024Updated 2 years ago
wuyr / agent-injector-for-android
View on GitHub
基于JVMTI实现的Android端动态代码注入工具
☆40May 10, 2024Updated 2 years ago
Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
FrenchYeti / interruptor
View on GitHub
Human-friendly cross-platform system call tracing and hooking library based on Frida's Stalker
☆357Jul 21, 2023Updated 2 years ago
tr3ee / CVE-2022-23222
View on GitHub
CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation
☆575Jun 7, 2022Updated 4 years ago
SeeFlowerX / frida-smali-trace
View on GitHub
smali trace
☆210May 22, 2022Updated 4 years ago
VerSprite / engage
View on GitHub
Tools and Materials for the Frida Engage Blog Series
☆45Mar 28, 2018Updated 8 years ago
binarly-io / idapcode
View on GitHub
IDA plugin that displays the P-code for the current function
☆72Nov 18, 2025Updated 6 months ago
KKGanguly / DataCentricFuzzJS
View on GitHub
☆17May 26, 2026Updated 2 weeks ago
hardenedvault / ved-ebpf
View on GitHub
VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF
☆171Sep 7, 2024Updated last year