TripleCross - Linux eBPF rootkit with backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

[https://github.com/h3xduck/TripleCross](https://github.com/h3xduck/TripleCross)

I am the creator of TripleCross, a new Linux eBPF rootkit that showcases the offensive capabilities of the eBPF technology. We believe it may be relevant for the security community so we are sharing it on the main cybersec subreddits. I also answer questions! Here goes some details about the project:

eBPF is a Linux technology (now coming to Windows and Android) that allows running code in the kernel without loading kernel modules. Although useful, it has recently been …

backdoor c2 cybersecurity ebpf hijacking injection library linux persistence rootkit