Skip to content
/ GoodKit Public

Rootkit for the blue team. Sophisticated and optimized LKM to detect and prevent malicious activity

35 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

SilverPlate3/GoodKit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

130 Commits
Kernel
Kernel
 
 
Tests
Tests
 
 
UserSpace
UserSpace
 
 
Makefile
Makefile
 
 
NextSteps.txt
NextSteps.txt
 
 
README.md
README.md
 
 

Repository files navigation

GoodKit drawio

project purpose:

Offer blue teams a reliable and efficient way to detect and prevent malicious process's and file aceess.
Users can control the LKM detection rules and exclusion with a simple json.

How to use

git clone
sudo make all
sudo ./UserSpace/user_app

Tested and built on

Built on kernel version: 6.5.0-26-generic, 6.7.0-rc8
Tested on kernel version: 6.5.0-26-generic, 6.7.0-rc8
Tested on distro: Ubuntu 22.04.3 LTS, Ubuntu 20.04.4 LTS
Built with GCC versions: 12.3.0, 9.4.0



**Future optimizations and features** - See NextSteps.txt

About

Rootkit for the blue team. Sophisticated and optimized LKM to detect and prevent malicious activity

Topics

linux-kernel cybersecurity syscall-hooking

Resources

Readme
Activity

Stars

35 stars

Watchers

2 watching

Forks

2 forks
Report repository

Languages