Tag: RingReaper
-
RingReaper: Stealthy Linux Agent Abuses io_uring to Bypass EDR System Call Monitoring
RingReaper is a simple post-exploitation agent for Linux designed for those who need to operate stealthily, minimizing the chances of being detected by EDR solutions. The idea behind this project was to leverage io_uring, the new asynchronous I/O interface in the Linux kernel, specifically to avoid traditional system calls that most EDRs tend to monitor or even…
-
RingReaper: New Linux Tool Leverages io_uring Kernel Feature to Bypass EDR & Stealthily Control Systems
The emergence of a new tool known as RingReaper has sparked concern among cybersecurity experts and penetration testing teams alike. This program leverages a legitimate yet highly potent Linux kernel feature called io_uring to stealthily bypass modern threat detection and response systems (EDR). Introduced in Linux kernel version 5.1, io_uring was designed to accelerate asynchronous…