TripleCross
Rootkit
A Linux rootkit demonstrating the offensive capabilities of eBPF technology using various techniques such as backdoors, C2 channels and code injection.
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
2k stars
39 watching
221 forks
Language: C
last commit: 8 months ago
Linked from 3 awesome lists
backdoorebpfkernellibbpfrootkitsecurity
Related projects:
Repository | Description | Stars |
---|---|---|
gui774ume/ebpfkit | A rootkit powered by eBPF designed to demonstrate offensive security techniques and bypass kernel protections. | 761 |
eterna1/puszek-rootkit | A Linux rootkit that hooks the system call table to hide files and processes. | 156 |
eversinc33/banshee | A Windows kernel rootkit with anti-rootkit evasion features and keylogging capabilities. | 493 |
mempodippy/vlany | A Linux rootkit designed to evade detection and maintain persistence on compromised systems | 944 |
d4stiny/spectre | A proof-of-concept Windows kernel-mode rootkit designed to demonstrate legitimate communication channel exploitation for remote control. | 685 |
gui774ume/ebpfkit-monitor | A tool designed to detect and protect against certain types of malicious eBPF bytecode | 123 |
m0nad/diamorphine | A Linux kernel module designed to create a stealthy backdoor and hide processes or users from system administrators. | 1,840 |
pathtofile/bad-bpf | Demonstrates security vulnerabilities in the Linux kernel's eBPF system | 549 |
eunomia-bpf/eunomia-bpf | A toolchain to simplify building and running eBPF programs with CO-RE and WebAssembly support | 681 |
d3ckx1/ola | A CS backdoor penetration module plugin that bundles various tools and features into a single package for convenience | 626 |
yaoyumeng/adore-ng | A Linux rootkit adapted for 2.6 and 3.x kernel versions | 205 |
squiffy/masochist | A framework for creating XNU-based rootkits with capabilities such as process manipulation and system call hijacking. | 124 |
0xsobky/hackvault | A container repository for storing and sharing public web hacking techniques and tools. | 1,948 |
p0cl4bs/wifipumpkin3 | A Python-based framework for conducting man-in-the-middle attacks and rogue access point exploits on wireless networks. | 1,982 |
1n3/intruderpayloads | A collection of tools and methodologies for web application testing and vulnerability assessment. | 3,686 |