recontech404/Kairos

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/recontech404/Kairos)

recontech404 / Kairos

Open Source eBPF Malware Analysis Framework

☆54

Alternatives and similar repositories for Kairos

Users that are interested in Kairos are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

Fare9 / elfparser_e
View on GitHub
Example of an ELF parser to learn about the ELF format
☆11Oct 6, 2024Updated last year
un4ckn0wl3z / PCIE-Detector
View on GitHub
Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures
☆39Sep 22, 2024Updated last year
sleepyG8 / GlyphDbg
View on GitHub
RE for champions
☆15Updated this week
0xDivyanshu-new / CVE-2023-29360
View on GitHub
POC for CVE-2023-29360
☆12Aug 31, 2024Updated last year
Rantanen / ghidra-minidump-loader
View on GitHub
Windows Minidump loader for Ghidra
☆28Sep 30, 2022Updated 3 years ago
Wordpress hosting with auto-scaling - Free Trial • Ad
Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
FalconForceTeam / bof-winrm-plugin-jump
View on GitHub
☆35Jan 23, 2025Updated last year
triskellib / vscode
View on GitHub
LLVM Graph View for VSCode
☆41Mar 25, 2025Updated last year
Pdawg-bytes / UEFIBootKit
View on GitHub
A simple UEFI bootkit made by @NSG650 and me.
☆26Dec 29, 2024Updated last year
felmoltor / goLAPS
View on GitHub
Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
☆32Mar 8, 2025Updated last year
pinwhell / MSPDBX
View on GitHub
Lightweight PDB symbol parser and resolver
☆30Oct 28, 2024Updated last year
b-irb / PigPEI
View on GitHub
PEIM (UEFI) bootkit targeting OVMF (EDK2)
☆41Nov 28, 2023Updated 2 years ago
jp-gouin / multi-cluster-supply-chain
View on GitHub
☆16Jul 17, 2024Updated last year
n01e0 / pRETzel_logic
View on GitHub
LLVM-based ROP obfuscated compiler
☆12Mar 24, 2022Updated 4 years ago
iogbole / ebpf-network-viz
View on GitHub
Getting Started with eBPF
☆27Nov 4, 2023Updated 2 years ago
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
LLVMParty / llvm-headers
View on GitHub
Easily search LLVM headers for all major versions!
☆19Sep 14, 2025Updated 7 months ago
backengineering / elderscroll
View on GitHub
PDB Rewriting Rust Library
☆29Apr 26, 2024Updated last year
arkedge / notalawyer
View on GitHub
Utility library to display license notices
☆12Mar 12, 2026Updated last month
knight0x07 / NailaoLoader-Hiding-Execution-Flow
View on GitHub
NailaoLoader: Hiding Execution Flow via Patching
☆23Feb 27, 2025Updated last year
RenderZ0n3 / Malware-Development
View on GitHub
☆10Jul 1, 2023Updated 2 years ago
icicle-emu / icicle-python
View on GitHub
Python bindings for the Icicle emulator.
☆41Nov 6, 2025Updated 5 months ago
backengineering / POC-AntiKernelDebug
View on GitHub
POC about how to detect windows kernel debug by pool tag.
☆13Nov 29, 2023Updated 2 years ago
beepfd / core
View on GitHub
BeePF 是一个用 Go 语言编写的 eBPF 程序加载器和运行时框架。它提供了一套完整的工具链，用于加载、管理和监控 eBPF 程序。
☆21Jul 14, 2025Updated 9 months ago
mathetake / tvisor
View on GitHub
tvisor is a tiny 100% userspace syscall interception framework
☆46Apr 13, 2024Updated 2 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
ChrisTheCoolHut / Auto_rop_chain_generation
View on GitHub
☆16Jan 23, 2022Updated 4 years ago
ait-aecid / rootkit-detection-ebpf-time-trace
View on GitHub
Detection of rootkit file hiding activities through analysis of shifts in kernel function execution times.
☆29Sep 10, 2025Updated 7 months ago
daem0nc0re / VectorKernel
View on GitHub
PoCs for Kernelmode rootkit techniques research.
☆437Mar 25, 2026Updated 3 weeks ago
pancak3lullz / SECurityTr8Ker
View on GitHub
SECurityTr8Ker monitors the SEC's RSS feed for 8-K filings with cybersecurity incident disclosures.
☆89Jun 20, 2025Updated 9 months ago
badhive / alca
View on GitHub
Rule Engine for Dynamic Malware Analysis and Research
☆25Apr 16, 2025Updated 11 months ago
Scorpion-Security-Labs / OpenHashAPI
View on GitHub
OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…
☆13Oct 27, 2024Updated last year
shlyuz / teamserver
View on GitHub
☆12Jun 22, 2022Updated 3 years ago
DualHorizon / blackpill
View on GitHub
A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs
☆339Feb 27, 2026Updated last month
lkarlslund / nifo
View on GitHub
Nuke It From Orbit - remove AV/EDR with physical access
☆274Dec 8, 2024Updated last year
Deploy open-source AI quickly and easily - Bonus Offer • Ad
Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
pwnfuzz / cve-pocs
View on GitHub
Proof Of Concepts
☆56Jan 4, 2026Updated 3 months ago
WerWolv / PCBEmulator
View on GitHub
☆20Jul 11, 2021Updated 4 years ago
fredrequin / JiVe
View on GitHub
Small micro-coded RISC-V softcore
☆15Nov 27, 2018Updated 7 years ago
mikekben / SLOT
View on GitHub
SLOT: SMT-LLVM Optimizing Translation
☆62Apr 17, 2025Updated 11 months ago
dmaivel / ntoseye
View on GitHub
Windows kernel debugger for Linux hosts running Windows under KVM/QEMU
☆138Apr 5, 2026Updated last week
gmh5225 / recompiler-egalito
View on GitHub
Self-hosting binary instrumentation framework for security research
☆12Apr 10, 2023Updated 3 years ago
amjcyber / EDRNoiseMaker
View on GitHub
Detect WFP filters blocking EDR communications
☆97Jan 5, 2024Updated 2 years ago