One of the fastest growing subsystems in the Linux Kernel is, without any doubt, eBPF (extended Berkeley Packet Filter). Although eBPF initially targeted net...

KRIe is a research project that aims to detect Linux Kernel exploits with eBPF. KRIe is far from being a bulletproof strategy: from eBPF related limitations to post exploitation detections that might rely on a compromised kernel to emit security events, it is clear that a motivated attacker will eventually be able to bypass it. That being said, the goal of the project is to make attackers’ lives harder and ultimately prevent out-of-the-box exploits from working on a vulnerable kernel.

simply bpf goodies

  • 0 users online
  • 1 user / day
  • 1 user / week
  • 1 user / month
  • 1 user / 6 months
  • 2 subscribers
  • 18 Posts
  • 1 Comment
  • Modlog