TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology.
TripleCross is inspired by previous implant designs in this area, notably the works of Jeff Dileo at DEFCON 27, Pat Hogan at DEFCON 29, Guillaume Fournier and Sylvain Afchain also at DEFCON 29, and Kris Nóva’s Boopkit. We reuse and extend some of the techniques pioneered by these previous explorations of the offensive capabilities of eBPF technology. TripleCross
Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer