The Ghost in the Kernel Machine
There is a technology inside modern Linux systems that: It can do all of this (and much more) without the need of kernel modules;that technology is eBPF. The aim of this article is to provide an overview of the technology, present several use cases, and address potential misuse from an offensive security perspective. A Bit…
Read More