tstromberg/sunlight external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

tstromberg/sunlight

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/tstromberg/sunlight)

Close

tstromberg / sunlightView on GitHubMore

• External links
• Readme badge

Linux #rootkit and #malware revealer

☆31Aug 1, 2024Updated last year

Alternatives and similar repositories for sunlight

Users that are interested in sunlight are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• sandflysecurity / sandfly-file-decloak

  View on GitHub
  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
  ☆29Sep 29, 2025Updated 7 months ago
• vobst / BPFVol3

  View on GitHub
  Linux BPF plugins for Volatility3
  ☆23Jan 19, 2024Updated 2 years ago
• containerscrew / rootisnaked

  View on GitHub
  Simple root privilege escalation detection using eBPF 🐝
  ☆35Feb 10, 2026Updated 3 months ago
• sumeshi / mft2es

  View on GitHub
  A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.
  ☆12May 11, 2026Updated last week
• FauxFaux / bootsector

  View on GitHub
  Read partition tables from GPT and basic MBR
  ☆16Mar 10, 2023Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• openrelik / openrelik-deploy

  View on GitHub
  Tools and scripts to deploy and manage OpenRelik instances
  ☆16Mar 23, 2026Updated last month
• CiscoCXSecurity / sudo-parser

  View on GitHub
  sudo-parser is a tool to audit complex sudoers files
  ☆18Nov 2, 2022Updated 3 years ago
• bohops / COM-to-the-Darkside

  View on GitHub
  Slides and resources from MCTTP 2025 Talk
  ☆70Oct 26, 2025Updated 6 months ago
• freakyclown / jsonviewer

  View on GitHub
  A command line Curses based json viewer and tabulator
  ☆30Aug 3, 2025Updated 9 months ago
• its-a-feature / macOSCameraCapture

  View on GitHub
  Simple CLI utility to save off an image from every webcam hooked into a mac
  ☆14May 20, 2021Updated 5 years ago
• linuxthor / rkbreaker

  View on GitHub
  Rootkit breaker - experimental Linux anti-rootkit tool based on kprobes
  ☆12Sep 30, 2020Updated 5 years ago
• leonjza / port-jump

  View on GitHub
  Some security by obscurity using port-jumping.
  ☆14Aug 21, 2025Updated 9 months ago
• NextronSystems / iocs

  View on GitHub
  Indicators of compromise from to analysis and research by Nextron Threat Research team
  ☆12Sep 17, 2025Updated 8 months ago
• s4dbrd / ETWReader

  View on GitHub
  Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich
  ☆19Jun 29, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• Kudaes / Puzzle

  View on GitHub
  Set of PoC to abuse Windows minifilters functionality
  ☆83May 1, 2026Updated 3 weeks ago
• zimnyaa / smbsocks

  View on GitHub
  A simple rpc2socks alternative in pure Go.
  ☆31Jul 8, 2024Updated last year
• chainguard-dev / osquery-defense-kit

  View on GitHub
  Production-ready detection & response queries for osquery
  ☆605Apr 22, 2026Updated last month
• jonny-jhnson / LDAPMon

  View on GitHub
  ☆47Oct 27, 2023Updated 2 years ago
• codewhitesec / daphne

  View on GitHub
  Proof-of-Concept to evade auditd by tampering via ptrace
  ☆19Aug 3, 2023Updated 2 years ago
• cado-security / varc

  View on GitHub
  Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…
  ☆254Nov 18, 2024Updated last year
• timb-machine / packet-monkey

  View on GitHub
  Packet Monkey is a tool to filter and classify PCAPs using Wireshark filters
  ☆11Feb 27, 2026Updated 2 months ago
• google / facade

  View on GitHub
  ☆155Mar 31, 2026Updated last month
• adulau / hashlookup-server

  View on GitHub
  Fast lookup server for NSRL and other hash database used in digital forensic
  ☆50Jan 26, 2026Updated 3 months ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• tclahr / uac

  View on GitHub
  UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It …
  ☆1,352Apr 16, 2026Updated last month
• forensicmatt / libtsk-rs

  View on GitHub
  Wrapper for TSK (Sleuth Kit) Bindings
  ☆12Jan 10, 2023Updated 3 years ago
• Sentinel-One / shadowsuid

  View on GitHub
  ☆23Jan 15, 2019Updated 7 years ago
• mnrkbys / fjta

  View on GitHub
  FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…
  ☆110Apr 8, 2026Updated last month
• west-wind / Threat-Hunting-With-Splunk

  View on GitHub
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆69Apr 29, 2024Updated 2 years ago
• WithSecureLabs / ESFang

  View on GitHub
  ESF modular ingestion tool for development and research.
  ☆38Dec 21, 2021Updated 4 years ago
• Chocapikk / pgread

  View on GitHub
  Read PostgreSQL data files without credentials - forensics, data recovery, and security research tool
  ☆45Apr 14, 2026Updated last month
• secwest / fast-fwsign

  View on GitHub
  ☆28Sep 4, 2024Updated last year
• garrettfoster13 / fustercluck

  View on GitHub
  POC tool to abuse windows server failover clusters
  ☆56Aug 7, 2025Updated 9 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• Cipher7 / havoc-SauronEye

  View on GitHub
  ☆11Dec 8, 2023Updated 2 years ago
• swisscom / ArtifactCollectionMatrix

  View on GitHub
  Forensic Artifact Collection Tool Matrix
  ☆96Nov 9, 2024Updated last year
• CiscoCXSecurity / unix-audit

  View on GitHub
  Framework for generating audit commands for Unix security audits
  ☆66Aug 1, 2023Updated 2 years ago
• AlchemicalChef / ADTierModel

  View on GitHub
  This is a powershell module to help implement the AD Tier Model
  ☆17Feb 17, 2026Updated 3 months ago
• nullsection / SharpETW-Patch

  View on GitHub
  ☆23Nov 29, 2023Updated 2 years ago
• HendrikKoelbel / RunAsAdmin

  View on GitHub
  A tool to start programs with admin rights.
  ☆16Nov 18, 2025Updated 6 months ago
• sethhall / bro-domain-generation

  View on GitHub
  Bro script module for detecting malware using domain generation algorithms.
  ☆13Feb 22, 2018Updated 8 years ago