Offer blue teams a reliable and efficient way to detect and prevent malicious processes and file access.
Users can control the LKM's detection rules and exclusions with a simple JSON file.
```
git clone
sudo make all
sudo ./UserSpace/user_app
```
Built on kernel version: 6.5.0-26-generic, 6.7.0-rc8
Tested on kernel version: 6.5.0-26-generic, 6.7.0-rc8
Tested on distro: Ubuntu 22.04.3 LTS, Ubuntu 20.04.4 LTS
Built with GCC versions: 12.3.0, 9.4.0
**Future optimizations and features** - See NextSteps.txt