Check the net.core.bpf_jit_enable settings (weak BPF functionality implementation which allows further access to kernel assets), kernel.unprivileged_bpf_disable (weakBPF functionality implementation which allows for unprivileged access), and kernel.unprivileged_userns_clone (enables unprivileged user namespaces).
View Command
To view this TTPs command, you must be logged in with a professional or enterprise license.