bouheki
lkrg
Our great sponsors
bouheki | lkrg | |
---|---|---|
1 | 7 | |
74 | 387 | |
- | 4.1% | |
0.0 | 7.9 | |
about 1 year ago | about 2 months ago | |
C | C | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bouheki
-
How to Prevent Data Exfiltration with eBPF
In this article, I will introduce bouheki, a tool that blocks data exfiltration by supply chain attacks and SSRF.
lkrg
-
[Security] Questions about LKRG and Debian hardening-runtime
What's the difference between LKRG and hardening-runtimepackage?
- LKRG – Linux Kernel Runtime Guard
-
Tetragone: A Lesson in Security Fundamentals
Similar concerns affect LKRG. Check out the LKRG bypass article by Alexander Popov for the details.
-
windows kernel patch guard-like for linux ?
I'm not an expert, but I can think of two things related to the integrity of Linux kernel. Linux has the ability to mark itself tainted 1 if you, as example, load proprietary drivers. On the other hand, there's Linux Kernel Runtime Guard (LKRG) 2 that performs integrity check on Linux kernel and detects exploits.
-
Need help with template modification
I'll try to make this as succinct as possible. I use the Linux Kernel Runtime Guard with my kernel as a security measure, and I use xbps-src to compile the kernel myself.
- Linux Kernel Runtime Guard (LKRG)
- Linux Kernel Runtime Guard
What are some alternatives?
machine-learning-in-ebpf - This repository contains the code for the paper "A flow-based IDS using Machine Learning in eBPF", Contact: Maximilian Bachl
ebpfkit - ebpfkit is a rootkit powered by eBPF
linux-hardened - Minimal supplement to upstream Kernel Self Protection Project changes. Features already provided by SELinux + Yama and archs other than multiarch arm64 / x86_64 aren't in scope. Only tags have stable history. Shared IRC channel with KSPP: irc.libera.chat #linux-hardening
TripleCross - A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
zen-kernel - Zen Patched Kernel Sources
gsocket - Connect like there is no firewall. Securely.
fapolicyd - File Access Policy Daemon
openbsm - OpenBSM open audit implementation
wiser - :racehorse: Extremely minimal vmm for linux written in C. Hopefully someday will spin linux-vm for you.
parca-agent - eBPF based always-on profiler auto-discovering targets in Kubernetes and systemd, zero code changes or restarts needed!
linux - Linux kernel stable tree mirror