recontech404/Kairos

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/recontech404/Kairos)

recontech404 / Kairos

Open Source eBPF Malware Analysis Framework

☆55

Alternatives and similar repositories for Kairos

Users that are interested in Kairos are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

Fare9 / elfparser_e
View on GitHub
Example of an ELF parser to learn about the ELF format
☆11Oct 6, 2024Updated last year
un4ckn0wl3z / PCIE-Detector
View on GitHub
Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures
☆38Sep 22, 2024Updated last year
sleepyG8 / GlyphDbg
View on GitHub
RE for champions
☆16Updated this week
0xDivyanshu-new / CVE-2023-29360
View on GitHub
POC for CVE-2023-29360
☆11Aug 31, 2024Updated last year
Rantanen / ghidra-minidump-loader
View on GitHub
Windows Minidump loader for Ghidra
☆30Sep 30, 2022Updated 3 years ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
FalconForceTeam / bof-winrm-plugin-jump
View on GitHub
☆36Jan 23, 2025Updated last year
triskellib / vscode
View on GitHub
LLVM Graph View for VSCode
☆42Mar 25, 2025Updated last year
felmoltor / goLAPS
View on GitHub
Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
☆32Mar 8, 2025Updated last year
Pdawg-bytes / UEFIBootKit
View on GitHub
A simple UEFI bootkit made by @NSG650 and me.
☆27Dec 29, 2024Updated last year
pinwhell / MSPDBX
View on GitHub
Lightweight PDB symbol parser and resolver
☆30Oct 28, 2024Updated last year
b-irb / PigPEI
View on GitHub
PEIM (UEFI) bootkit targeting OVMF (EDK2)
☆40Nov 28, 2023Updated 2 years ago
jp-gouin / multi-cluster-supply-chain
View on GitHub
☆15Jul 17, 2024Updated last year
n01e0 / pRETzel_logic
View on GitHub
LLVM-based ROP obfuscated compiler
☆12Mar 24, 2022Updated 4 years ago
iogbole / ebpf-network-viz
View on GitHub
Getting Started with eBPF
☆26Nov 4, 2023Updated 2 years ago
Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
LLVMParty / llvm-headers
View on GitHub
Easily search LLVM headers for all major versions!
☆19Sep 14, 2025Updated 9 months ago
backengineering / elderscroll
View on GitHub
PDB Rewriting Rust Library
☆29Apr 26, 2024Updated 2 years ago
arkedge / notalawyer
View on GitHub
Utility library to display license notices
☆12Apr 16, 2026Updated last month
knight0x07 / NailaoLoader-Hiding-Execution-Flow
View on GitHub
NailaoLoader: Hiding Execution Flow via Patching
☆23Feb 27, 2025Updated last year
RenderZ0n3 / Malware-Development
View on GitHub
☆10Jul 1, 2023Updated 2 years ago
icicle-emu / icicle-python
View on GitHub
Python bindings for the Icicle emulator.
☆42Nov 6, 2025Updated 7 months ago
backengineering / POC-AntiKernelDebug
View on GitHub
POC about how to detect windows kernel debug by pool tag.
☆13Nov 29, 2023Updated 2 years ago
beepfd / core
View on GitHub
BeePF 是一个用 Go 语言编写的 eBPF 程序加载器和运行时框架。它提供了一套完整的工具链，用于加载、管理和监控 eBPF 程序。
☆20Jul 14, 2025Updated 11 months ago
L4ys / IDA-WPP-Remover
View on GitHub
Remove WPP calls from hexrays decompiled code
☆56Jan 31, 2026Updated 4 months ago
Proton VPN Special Offer - Get 70% off • Ad
Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
mathetake / tvisor
View on GitHub
tvisor is a tiny 100% userspace syscall interception framework
☆47Apr 13, 2024Updated 2 years ago
ChrisTheCoolHut / Auto_rop_chain_generation
View on GitHub
☆16Jan 23, 2022Updated 4 years ago
ait-aecid / rootkit-detection-ebpf-time-trace
View on GitHub
Detection of rootkit file hiding activities through analysis of shifts in kernel function execution times.
☆29Sep 10, 2025Updated 9 months ago
daem0nc0re / VectorKernel
View on GitHub
PoCs for Kernelmode rootkit techniques research.
☆441Mar 25, 2026Updated 2 months ago
badhive / alca
View on GitHub
Rule Engine for Dynamic Malware Analysis and Research
☆25Apr 16, 2025Updated last year
Scorpion-Security-Labs / OpenHashAPI
View on GitHub
OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…
☆13Oct 27, 2024Updated last year
shlyuz / teamserver
View on GitHub
☆12Jun 22, 2022Updated 3 years ago
DualHorizon / blackpill
View on GitHub
A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs
☆341Feb 27, 2026Updated 3 months ago
lkarlslund / nifo
View on GitHub
Nuke It From Orbit - remove AV/EDR with physical access
☆274Dec 8, 2024Updated last year
GPU virtual machines on DigitalOcean Gradient AI • Ad
Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
pwnfuzz / cve-pocs
View on GitHub
Proof Of Concepts
☆56Jan 4, 2026Updated 5 months ago
fredrequin / JiVe
View on GitHub
Small micro-coded RISC-V softcore
☆15Nov 27, 2018Updated 7 years ago
mikekben / SLOT
View on GitHub
SLOT: SMT-LLVM Optimizing Translation
☆62Apr 17, 2025Updated last year
dmaivel / ntoseye
View on GitHub
Windows kernel debugger for Linux hosts running Windows under KVM/QEMU
☆146Updated this week
amjcyber / EDRNoiseMaker
View on GitHub
Detect WFP filters blocking EDR communications
☆97Jan 5, 2024Updated 2 years ago
keywa7 / keywa7
View on GitHub
The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.
☆62Aug 19, 2024Updated last year
cybersectroll / TrollBlacklistDLL
View on GitHub
☆45Jul 17, 2025Updated 10 months ago