SYMBOL: elf.triplecross

TripleCross


According to its author, TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology.

References
2023-12-21, Martin Clauß, Valentin Obst: BPF Memory Forensics with Volatility 3 (BPFDoor, TripleCross)
2021-10-27, Github (h3xduck), Marcos Bajo: Github Repo for TripleCross (TripleCross)

There is no Yara-Signature yet.