dodox/piggyback
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

README — add intended use section

Browse Source 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Dominik Moritz Roth 2026-05-27 16:06:21 +02:00
parent 50c9b4df35
commit a3d6048ded
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
README.md
View File

@ -4,6 +4,19 @@ Covert channel using Linux TC eBPF. Intercepts TCP packets on a port already in
steals matching ones before the application sees them, forwards or executes per the steals matching ones before the application sees them, forwards or executes per the
client's instruction. Normal traffic is unaffected. Zero changes to existing services. client's instruction. Normal traffic is unaffected. Zero changes to existing services.
---
## Intended Use
**Educational purposes only.** Do not deploy against systems you don't own or have
explicit authorisation to test.
The core use case this demonstrates: persistence on a firewalled host by piggybacking
on any already-permitted port (e.g. 80/443). Traffic is stolen at TC ingress before
the application sees it and never appears in its logs.
---
``` ```
Mode 1 — Plain TCP Mode 1 — Plain TCP
Client Server (:80) Client Server (:80)