Search
Collection
Category
Tag
Blog
Pricing
Submit

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates

Email

AISecKit

Curated AI security tools & LLM safety resources for cybersecurity professionals

Product

Search
Collection
Category
Tag

Resources

Blog
Pricing
Submit

Tools

🔥Marathons Tools

Company

About Us
Privacy Policy
Terms of Service
Sitemap

Copyright © 2026 All Rights Reserved.

Home
Category
Tamanoir

Tamanoir

An eBPF keylogger with C2-based RCE payload delivery for educational purposes.

image for Tamanoir

Introduction

Information

Publisher
AISecKit
Websitegithub.com
Published date2025/04/28

Categories

DevSecOps Tools
Penetration Testing
Security Research

Tags

Exploit Development
Security Auditing
Open Source
Incident Response
Red Team Operations

More Products

image of Phantom

DevSecOps ToolsPenetration TestingVulnerability Scanners

Phantom

A browser extension for SRC vulnerability mining, collecting sensitive information and suspicious clues from web pages.

Security Auditing Open Source Incident Response Vulnerability Scanning API Security+1

Exploiting AI

An introductory class on understanding AI security risks and mitigation strategies.

Prompt Injection Generative AI Red Team Testing Data Poisoning

PINT Benchmark

A benchmark for prompt injection detection systems, providing a neutral way to evaluate their performance.

Prompt Injection Model Robustness Security Auditing

Tamanoir

Tamanoir is an eBPF-based keylogger designed for educational purposes, enabling the extraction of keystrokes via DNS queries. It consists of three main components:

eBPF Program: Runs on the target host, capturing keystrokes and sending them via DNS queries. The attacker can deliver RCE payloads through DNS responses.
Command & Control (C2) Server: Acts as a DNS proxy, injecting RCE payloads into DNS responses and managing reverse shell connections.
TUI Client: A terminal user interface client that communicates with the C2 server, built using Ratatui.

Key Features:

Educational Use: Developed for learning and research purposes.
Modular Architecture: Composed of distinct components for flexibility.
RCE Payload Delivery: Allows for remote code execution through DNS responses.

Benefits:

Hands-on Learning: Provides practical experience with eBPF and network security concepts.
Open Source: Available for modification and improvement by the community.

Highlights:

Built with modern Rust libraries like Aya, Tokio, and Tonic.
Supports Linux-based operating systems for deployment.