Lists (8)
Stars
The fastest path to AI-powered full stack observability, even for lean teams.
BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more
A little tool to play with Windows security
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
Small and highly portable detection tests based on MITRE's ATT&CK.
windows-kernel-exploits Windows平台提权漏洞集合
linux-kernel-exploits Linux平台提权漏洞集合
eBPF-based Security Observability and Runtime Enforcement
eBPF implementation that runs on top of Windows
Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
bpftop provides a dynamic real-time view of running eBPF programs. It displays the average runtime, events per second, and estimated total CPU % for each program.
Automated upstream mirror for libbpf stand-alone build.
Linux Test Project (mailing list: https://lists.linux.it/listinfo/ltp)
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 9…
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
一个深挖 Linux 内核的新功能特性,以 io_uring, cgroup, ebpf, llvm 为代表,包含开源项目,代码案例,文章,视频,架构脑图等
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
Handy, High performance, ModSecurity compatible Nginx firewall module & 方便、高性能、兼容 ModSecurity 的 Nginx 防火墙模块
Tool for injecting a shared object into a Linux process