Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/silverplate3/goodkit
Rootkit for the blue team. Sophisticated and optimized LKM to detect and prevent malicious activity
cybersecurity linux-kernel syscall-hooking
Last synced: 3 months ago
- Host: GitHub
- URL: https://github.com/silverplate3/goodkit
- Owner: SilverPlate3
- Created: 2024-03-16T08:48:10.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2024-04-26T07:18:43.000Z (8 months ago)
- Last Synced: 2024-10-12T07:41:22.016Z (3 months ago)
- Topics: cybersecurity, linux-kernel, syscall-hooking
- Language: C++
- Homepage:
- Size: 271 KB
- Stars: 33
- Watchers: 2
- Forks: 2
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
![GoodKit drawio](https://github.com/SilverPlate3/GoodKit/assets/93097769/e7a07a30-1e95-4a65-92a1-d739efa7f3d7)
# Project purpose
Offer blue teams a reliable and efficient way to detect and prevent malicious processes and file access.
Users can control the LKM detection rules and exclusions with a simple JSON file.

# How to use
```
git clone
sudo make all
sudo ./UserSpace/user_app
```

# Tested and built on
Built on kernel version: 6.5.0-26-generic, 6.7.0-rc8
Tested on kernel version: 6.5.0-26-generic, 6.7.0-rc8
Tested on distro: Ubuntu 22.04.3 LTS, Ubuntu 20.04.4 LTS
Built with GCC versions: 12.3.0, 9.4.0
**Future optimizations and features** - See NextSteps.txt