recontech404/Kairos

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/recontech404/Kairos)

recontech404 / Kairos

Open Source eBPF Malware Analysis Framework

☆54

Alternatives and similar repositories for Kairos

Users that are interested in Kairos are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

Fare9 / elfparser_e
View on GitHub
Example of an ELF parser to learn about the ELF format
☆11Oct 6, 2024Updated last year
sleepyG8 / GlyphDbg
View on GitHub
RE for champions
☆15Updated this week
un4ckn0wl3z / PCIE-Detector
View on GitHub
Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures
☆39Sep 22, 2024Updated last year
0xDivyanshu-new / CVE-2023-29360
View on GitHub
POC for CVE-2023-29360
☆12Aug 31, 2024Updated last year
Rantanen / ghidra-minidump-loader
View on GitHub
Windows Minidump loader for Ghidra
☆29Sep 30, 2022Updated 3 years ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
FalconForceTeam / bof-winrm-plugin-jump
View on GitHub
☆36Jan 23, 2025Updated last year
triskellib / vscode
View on GitHub
LLVM Graph View for VSCode
☆42Mar 25, 2025Updated last year
felmoltor / goLAPS
View on GitHub
Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
☆32Mar 8, 2025Updated last year
Pdawg-bytes / UEFIBootKit
View on GitHub
A simple UEFI bootkit made by @NSG650 and me.
☆26Dec 29, 2024Updated last year
pinwhell / MSPDBX
View on GitHub
Lightweight PDB symbol parser and resolver
☆30Oct 28, 2024Updated last year
b-irb / PigPEI
View on GitHub
PEIM (UEFI) bootkit targeting OVMF (EDK2)
☆40Nov 28, 2023Updated 2 years ago
jp-gouin / multi-cluster-supply-chain
View on GitHub
☆16Jul 17, 2024Updated last year
n01e0 / pRETzel_logic
View on GitHub
LLVM-based ROP obfuscated compiler
☆12Mar 24, 2022Updated 4 years ago
iogbole / ebpf-network-viz
View on GitHub
Getting Started with eBPF
☆27Nov 4, 2023Updated 2 years ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
LLVMParty / llvm-headers
View on GitHub
Easily search LLVM headers for all major versions!
☆19Sep 14, 2025Updated 7 months ago
backengineering / elderscroll
View on GitHub
PDB Rewriting Rust Library
☆29Apr 26, 2024Updated 2 years ago
arkedge / notalawyer
View on GitHub
Utility library to display license notices
☆12Apr 16, 2026Updated 2 weeks ago
knight0x07 / NailaoLoader-Hiding-Execution-Flow
View on GitHub
NailaoLoader: Hiding Execution Flow via Patching
☆23Feb 27, 2025Updated last year
RenderZ0n3 / Malware-Development
View on GitHub
☆10Jul 1, 2023Updated 2 years ago
icicle-emu / icicle-python
View on GitHub
Python bindings for the Icicle emulator.
☆41Nov 6, 2025Updated 5 months ago
backengineering / POC-AntiKernelDebug
View on GitHub
POC about how to detect windows kernel debug by pool tag.
☆13Nov 29, 2023Updated 2 years ago
mathetake / tvisor
View on GitHub
tvisor is a tiny 100% userspace syscall interception framework
☆46Apr 13, 2024Updated 2 years ago
ChrisTheCoolHut / Auto_rop_chain_generation
View on GitHub
☆16Jan 23, 2022Updated 4 years ago
Proton VPN Special Offer - Get 70% off • Ad
Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
ait-aecid / rootkit-detection-ebpf-time-trace
View on GitHub
Detection of rootkit file hiding activities through analysis of shifts in kernel function execution times.
☆29Sep 10, 2025Updated 7 months ago
daem0nc0re / VectorKernel
View on GitHub
PoCs for Kernelmode rootkit techniques research.
☆436Mar 25, 2026Updated last month
pancak3lullz / SECurityTr8Ker
View on GitHub
SECurityTr8Ker monitors the SEC's RSS feed for 8-K filings with cybersecurity incident disclosures.
☆89Jun 20, 2025Updated 10 months ago
badhive / alca
View on GitHub
Rule Engine for Dynamic Malware Analysis and Research
☆25Apr 16, 2025Updated last year
Scorpion-Security-Labs / OpenHashAPI
View on GitHub
OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…
☆13Oct 27, 2024Updated last year
shlyuz / teamserver
View on GitHub
☆12Jun 22, 2022Updated 3 years ago
DualHorizon / blackpill
View on GitHub
A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs
☆341Feb 27, 2026Updated 2 months ago
lkarlslund / nifo
View on GitHub
Nuke It From Orbit - remove AV/EDR with physical access
☆274Dec 8, 2024Updated last year
pwnfuzz / cve-pocs
View on GitHub
Proof Of Concepts
☆56Jan 4, 2026Updated 4 months ago
GPU virtual machines on DigitalOcean Gradient AI • Ad
Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
WerWolv / PCBEmulator
View on GitHub
☆20Jul 11, 2021Updated 4 years ago
fredrequin / JiVe
View on GitHub
Small micro-coded RISC-V softcore
☆15Nov 27, 2018Updated 7 years ago
mikekben / SLOT
View on GitHub
SLOT: SMT-LLVM Optimizing Translation
☆62Apr 17, 2025Updated last year
dmaivel / ntoseye
View on GitHub
Windows kernel debugger for Linux hosts running Windows under KVM/QEMU
☆139Apr 18, 2026Updated 2 weeks ago
gmh5225 / recompiler-egalito
View on GitHub
Self-hosting binary instrumentation framework for security research
☆12Apr 10, 2023Updated 3 years ago
amjcyber / EDRNoiseMaker
View on GitHub
Detect WFP filters blocking EDR communications
☆97Jan 5, 2024Updated 2 years ago
keywa7 / keywa7
View on GitHub
The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.
☆62Aug 19, 2024Updated last year