TripleCross

Rootkit

A Linux rootkit demonstrating the offensive capabilities of eBPF technology using various techniques such as backdoors, C2 channels and code injection.

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

GitHub

2k stars
39 watching
221 forks
Language: C
last commit: 8 months ago
Linked from 3 awesome lists

backdoor, ebpf, kernel, libbpf, rootkit, security

Related projects:

| Repository | Description | Stars |
|---|---|---|
| gui774ume/ebpfkit | A rootkit powered by eBPF designed to demonstrate offensive security techniques and bypass kernel protections. | 761 |
| eterna1/puszek-rootkit | A Linux rootkit that hooks the system call table to hide files and processes. | 156 |
| eversinc33/banshee | A Windows kernel rootkit with anti-rootkit evasion features and keylogging capabilities. | 493 |
| mempodippy/vlany | A Linux rootkit designed to evade detection and maintain persistence on compromised systems. | 944 |
| d4stiny/spectre | A proof-of-concept Windows kernel-mode rootkit designed to demonstrate legitimate communication channel exploitation for remote control. | 685 |
| gui774ume/ebpfkit-monitor | A tool designed to detect and protect against certain types of malicious eBPF bytecode. | 123 |
| m0nad/diamorphine | A Linux kernel module designed to create a stealthy backdoor and hide processes or users from system administrators. | 1,840 |
| pathtofile/bad-bpf | Demonstrates security vulnerabilities in the Linux kernel's eBPF system. | 549 |
| eunomia-bpf/eunomia-bpf | A toolchain to simplify building and running eBPF programs with CO-RE and WebAssembly support. | 681 |
| d3ckx1/ola | A CS backdoor penetration module plugin that bundles various tools and features into a single package for convenience. | 626 |
| yaoyumeng/adore-ng | A Linux rootkit adapted for 2.6 and 3.x kernel versions. | 205 |
| squiffy/masochist | A framework for creating XNU-based rootkits with capabilities such as process manipulation and system call hijacking. | 124 |
| 0xsobky/hackvault | A container repository for storing and sharing public web hacking techniques and tools. | 1,948 |
| p0cl4bs/wifipumpkin3 | A Python-based framework for conducting man-in-the-middle attacks and rogue access point exploits on wireless networks. | 1,982 |
| 1n3/intruderpayloads | A collection of tools and methodologies for web application testing and vulnerability assessment. | 3,686 |