all InfoSec news
Nysm - A Stealth Post-Exploitation Container
KitPloit - PenTest Tools! www.kitploit.com
A stealth post-exploitation container.
Introduction
With the raise in popularity of offensive tools based on eBPF, going from credential stealers to rootkits hiding their own PID, a question came to our mind: Would it be possible to make eBPF invisible in its own eyes? From there, we created nysm, an eBPF stealth container meant to make offensive tools fly under the radar of System Administrators, not only by hiding eBPF, but much more:
- bpftool
- bpflist-bpfcc
- ps
- top
- sockstat
- ss
- rkhunter …
container credential ebpf exploitation introduction offensive own post-exploitation processes question rootkits socat socket ssh stealers stealth tools