Kernel

Zero-trust kernel virtualization platform for endpoint defense and threat containment

A modern tool for Windows kernel exploration and observability with a focus on security.

A Linux privilege escalation auditing tool that identifies potential kernel vulnerabilities and suggests applicable exploits based on system analysis.

A Windows kernel driver intentionally designed with various vulnerabilities to help security researchers practice kernel exploitation techniques.

Porting GNU/Linux userland tools to the bionic/Linux userland of Android to provide access to the audit stream for Android applications with minimal overhead.

AMExtractor is an Android memory acquisition tool that dumps physical device memory using /dev/kmem without requiring kernel source code.

A local privilege escalation vulnerability in the Linux kernel known for its catchy name and potential damages.

Cutting-edge technology for developing security applications within the Linux kernel.

LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.

Falco is a CNCF graduated runtime security tool that monitors Linux kernel events and syscalls to detect abnormal behavior and security threats in cloud native environments.

A proof-of-concept tool that demonstrates the Dirty COW kernel exploit (CVE-2016-5195) for privilege escalation within Docker containers, specifically targeting nginx images while providing mitigation guidance through AppArmor profiles.