recontech404/Kairos

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/recontech404/Kairos)

recontech404 / Kairos

Open Source eBPF Malware Analysis Framework

☆54

Alternatives and similar repositories for Kairos

Users that are interested in Kairos are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

Fare9 / elfparser_e
View on GitHub
Example of an ELF parser to learn about the ELF format
☆11Oct 6, 2024Updated last year
sleepyG8 / GlyphDbg
View on GitHub
RE for champions
☆15Updated this week
un4ckn0wl3z / PCIE-Detector
View on GitHub
Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures
☆38Sep 22, 2024Updated last year
0xDivyanshu-new / CVE-2023-29360
View on GitHub
POC for CVE-2023-29360
☆12Aug 31, 2024Updated last year
Rantanen / ghidra-minidump-loader
View on GitHub
Windows Minidump loader for Ghidra
☆29Sep 30, 2022Updated 3 years ago
Simple, predictable pricing with DigitalOcean hosting • Ad
Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
FalconForceTeam / bof-winrm-plugin-jump
View on GitHub
☆33Jan 23, 2025Updated last year
triskellib / vscode
View on GitHub
LLVM Graph View for VSCode
☆40Mar 25, 2025Updated last year
Pdawg-bytes / UEFIBootKit
View on GitHub
A simple UEFI bootkit made by @NSG650 and me.
☆26Dec 29, 2024Updated last year
felmoltor / goLAPS
View on GitHub
Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
☆32Mar 8, 2025Updated last year
pinwhell / MSPDBX
View on GitHub
Lightweight PDB symbol parser and resolver
☆29Oct 28, 2024Updated last year
b-irb / PigPEI
View on GitHub
PEIM (UEFI) bootkit targeting OVMF (EDK2)
☆41Nov 28, 2023Updated 2 years ago
jp-gouin / multi-cluster-supply-chain
View on GitHub
☆16Jul 17, 2024Updated last year
n01e0 / pRETzel_logic
View on GitHub
LLVM-based ROP obfuscated compiler
☆13Mar 24, 2022Updated 4 years ago
iogbole / ebpf-network-viz
View on GitHub
Getting Started with eBPF
☆27Nov 4, 2023Updated 2 years ago
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
backengineering / elderscroll
View on GitHub
PDB Rewriting Rust Library
☆28Apr 26, 2024Updated last year
knight0x07 / NailaoLoader-Hiding-Execution-Flow
View on GitHub
NailaoLoader: Hiding Execution Flow via Patching
☆23Feb 27, 2025Updated last year
RenderZ0n3 / Malware-Development
View on GitHub
☆10Jul 1, 2023Updated 2 years ago
icicle-emu / icicle-python
View on GitHub
Python bindings for the Icicle emulator.
☆41Nov 6, 2025Updated 4 months ago
backengineering / POC-AntiKernelDebug
View on GitHub
POC about how to detect windows kernel debug by pool tag.
☆13Nov 29, 2023Updated 2 years ago
mathetake / tvisor
View on GitHub
tvisor is a tiny 100% userspace syscall interception framework
☆46Apr 13, 2024Updated last year
ChrisTheCoolHut / Auto_rop_chain_generation
View on GitHub
☆16Jan 23, 2022Updated 4 years ago
daem0nc0re / VectorKernel
View on GitHub
PoCs for Kernelmode rootkit techniques research.
☆435Nov 4, 2025Updated 4 months ago
ait-aecid / rootkit-detection-ebpf-time-trace
View on GitHub
Detection of rootkit file hiding activities through analysis of shifts in kernel function execution times.
☆29Sep 10, 2025Updated 6 months ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
badhive / alca
View on GitHub
Rule Engine for Dynamic Malware Analysis and Research
☆25Apr 16, 2025Updated 11 months ago
Scorpion-Security-Labs / OpenHashAPI
View on GitHub
OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…
☆13Oct 27, 2024Updated last year
shlyuz / teamserver
View on GitHub
☆12Jun 22, 2022Updated 3 years ago
DualHorizon / blackpill
View on GitHub
A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs
☆337Feb 27, 2026Updated 3 weeks ago
pwnfuzz / cve-pocs
View on GitHub
Proof Of Concepts
☆55Jan 4, 2026Updated 2 months ago
WerWolv / PCBEmulator
View on GitHub
☆20Jul 11, 2021Updated 4 years ago
fredrequin / JiVe
View on GitHub
Small micro-coded RISC-V softcore
☆15Nov 27, 2018Updated 7 years ago
mikekben / SLOT
View on GitHub
SLOT: SMT-LLVM Optimizing Translation
☆62Apr 17, 2025Updated 11 months ago
dmaivel / ntoseye
View on GitHub
Windows kernel debugger for Linux hosts running Windows under KVM/QEMU
☆133Mar 15, 2026Updated last week
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
gmh5225 / recompiler-egalito
View on GitHub
Self-hosting binary instrumentation framework for security research
☆12Apr 10, 2023Updated 2 years ago
amjcyber / EDRNoiseMaker
View on GitHub
Detect WFP filters blocking EDR communications
☆96Jan 5, 2024Updated 2 years ago
keywa7 / keywa7
View on GitHub
The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.
☆62Aug 19, 2024Updated last year
stuxnet147 / IDA-Assistant
View on GitHub
IDA plugin to support automatic reverse engineering
☆80Feb 28, 2025Updated last year
cedowens / docker-arsenal
View on GitHub
Spins up a docker container with several useful tools for offensive security in macOS/cloud environments. Also installs the needed depend…
☆18Nov 3, 2021Updated 4 years ago
CR-DMcDonald / voipire
View on GitHub
☆16May 29, 2024Updated last year
themittenmac / threat-hunting-macos-book
View on GitHub
A companion Github repo for the book - Threat Hunting macOS by Jaron Bradley
☆19Jul 26, 2025Updated 8 months ago