ebpfkit-monitor
Erbpf detector
A tool designed to detect and protect against certain types of malicious eBPF bytecode
ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
125 stars
6 watching
17 forks
Language: C
last commit: almost 2 years ago
Linked from 1 awesome list
ebpfkernellinuxlinux-kernellinux-kernel-hackingrootkitruntime-securitysecurity
Related projects:
Repository | Description | Stars |
---|---|---|
gui774ume/ebpfkit | A rootkit powered by eBPF designed to demonstrate offensive security techniques and bypass kernel protections. | 766 |
ebpfdev/explorer | A tool to explore and visualize the eBPF subsystem of Linux hosts | 82 |
vbpf/ebpf-verifier | A tool that verifies the correctness of eBPF programs using an abstract interpretation approach | 394 |
h3xduck/triplecross | A Linux rootkit demonstrating the offensive capabilities of eBPF technology using various techniques such as backdoors, C2 channels and code injection. | 1,796 |
redcanaryco/ebpfmon | Tool for monitoring and inspecting eBPF programs on Linux systems | 85 |
ebpfdev/explorer-ui | A frontend application for exploring and interacting with eBPF (Extended Berkeley Packet Filter) systems | 2 |
eunomia-bpf/eunomia-bpf | A toolchain to simplify building and running eBPF programs with CO-RE and WebAssembly support | 687 |
pathtofile/bad-bpf | Demonstrates security vulnerabilities in the Linux kernel's eBPF system | 556 |
redcanaryco/redcanary-ebpf-sensor | A collection of eBPF applications designed to gather system events for a Linux EDR solution | 101 |
rprinz08/hbpf | An experiment to implement eBPF features in hardware using alternate HDLs and cheap development boards | 402 |
kindlingproject/kindling | An eBPF-based monitoring tool for Kubernetes applications. | 1,132 |
iovisor/ubpf | An eBPF VM that allows userspace execution of eBPF programs in a Linux kernel-independent way. | 841 |
linux-lock/bpflock | A security solution using eBPF to restrict Linux access and protect against attacks | 138 |
tw4452852/zbpf | A tool that enables writing eBPF programs with strong type systems in Zig. | 125 |
fzakaria/ebpf-mpls-encap-decap | Demonstrates packet encapsulation and decapsulation with MPLS labels using eBPF | 54 |