driverxdw

driverxdw's repositories

Kprobe-hooker

Use kprobe capture common kernel event and can also use for hids agent（kernel module）

Language:C7 10

shared_mem_demo

communicate between userspace and kernel

Language:C5 10

WatchAD2.0

WatchAD2.0是一款针对域威胁的日志分析与监控系统

Language:CSSGPL-3.0100

AgentSmith-HIDS

By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.

Language:CGPL-2.0000

Artemis_HIDS

使用 cgroups + etcd + kafka + eBPF 开发而成的hids的架构，agent 部分使用go 开发而成，会把采集的数据写入到kafka里面，由后端的规则引擎（go开发而成）消费，配置部分以及agent存活使用etcd。

Language:YARA000

CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.

Language:GoGPL-2.0000

clamav

ClamAV - Documentation is here: https://docs.clamav.net

Language:CGPL-2.0000

client-go

Go client for Kubernetes.

Language:GoApache-2.0000

DriveLife-PsTrojan

TrojanDropper/PS.Maloader.d

000

ecapture

capture SSL/TLS text content without CA cert using eBPF. supports Linux x86_64/Aarch64, Android(GKI) Aarch64.

Language:CAGPL-3.0000

Elkeid-HUB

Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the community edition) data processing. The original intention is to solve complex data/event processing and external system linkage requirements through standardized rules.

Language:PythonNOASSERTION000

English-level-up-tips

An advanced guide to learn English which might benefit you a lot 🎉 . 离谱的英语学习指南/英语学习教程。

000

GhostHand

010

GitHubPoster

Make everything a GitHub svg poster and Skyline!

MIT000

InScan

边界打点后的自动化渗透工具

Language:Go000

kernel-exploit-factory

Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore.

Language:C000