Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
eBPF
eBPF is a technology that can run sandboxed programs in a privileged context such as the operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel at runtime without requiring to change kernel source code or load kernel modules.
- GitHub: https://github.com/topics/ebpf
- Wikipedia: https://en.wikipedia.org/wiki/EBPF
- Created by: Alexei Starovoitov, Daniel Borkmann
- Released: 2014
- Last updated: 2024-11-04 00:08:33 UTC
- JSON Representation
https://github.com/aquasecurity/btfhub
BTFhub, in collaboration with the BTFhub Archive repository, supplies BTF files for all published kernels that lack native support for embedded BTF. This joint effort ensures that even kernels without built-in BTF support can effectively leverage the benefits of eBPF programs, promoting compatibility across various kernel versions.
Last synced: 12 Oct 2024
https://github.com/esonhugh/sshd_backdoor
/root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook.
backdoor ebpf offensive-security
Last synced: 12 Oct 2024
https://github.com/coroot/coroot-node-agent
A Prometheus exporter based on eBPF that gathers comprehensive container metrics
ebpf logs monitoring network-metrics node-metrics observability prometheus prometheus-exporter prometheus-metrics
Last synced: 12 Oct 2024
https://github.com/Esonhugh/sshd_backdoor
/root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook.
backdoor ebpf offensive-security
Last synced: 04 Aug 2024
https://github.com/gojue/ebpfmanager
A golang ebpf libary based on cilium/ebpf and datadog/ebpf.
Last synced: 31 Oct 2024
https://github.com/kmesh-net/kmesh
High Performance ServiceMesh Data Plane Based on Programmable Kernel
ebpf kernel networking traffic-management
Last synced: 29 Oct 2024
https://github.com/epickrram/grav
Performance visualisation tools
ebpf flamegraph monitoring observability performance
Last synced: 12 Oct 2024
https://github.com/odigos-io/opentelemetry-go-instrumentation
OpenTelemetry auto-instrumentation for Go applications
ebpf go golang kubernetes observability opentelemetry
Last synced: 09 Oct 2024
https://github.com/chriskalix/hades
Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)
agent ebpf ebpf-programs ebpf-sec golang hids libbpf linux netlink runtime-security rust security
Last synced: 30 Oct 2024
https://github.com/chriskaliX/Hades
Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)
agent ebpf ebpf-programs ebpf-sec golang hids libbpf linux netlink runtime-security rust security
Last synced: 04 Aug 2024
https://github.com/open-telemetry/opentelemetry-network
eBPF Collector
ebpf open-telemetry opentelemetry
Last synced: 07 Oct 2024
https://github.com/OpenCloudOS/nettrace
nettrace is a eBPF-based tool to trace network packet and diagnose network problem.
Last synced: 20 Oct 2024
https://github.com/opencloudos/nettrace
nettrace is a eBPF-based tool to trace network packet and diagnose network problem.
Last synced: 30 Oct 2024
https://github.com/mehrdadrad/tcpdog
eBPF based TCP observability.
bpf ebpf linux monitoring observability socket tcp tool
Last synced: 31 Oct 2024
https://github.com/furkanonder/beetrace
Trace your python process line by line with low overhead!
Last synced: 12 Oct 2024
https://github.com/newtools/ebpf
eBPF Utilities, Maps, and more
ebpf ebpf-opcode linux network-programming security-tools tracing
Last synced: 03 Aug 2024
https://github.com/yadutaf/tracepkt
Trace a ping packet journey across network interfaces and namespace on recent Linux. Supports IPv4 and IPv6.
Last synced: 03 Aug 2024
https://github.com/lac-dcc/honey-potion
Writing eBPF programs with Elixir!
bpf bpftool c clang compiler compiler-construction compiler-design compilers ebpf elixir elixir-lang elixir-library framework libbpf linux linux-kernel metaprogramming network-monitoring optimizer tracing
Last synced: 30 Oct 2024
https://github.com/lockc-project/lockc
Making containers more secure with eBPF and Linux Security Modules (LSM)
containers ebpf kubernetes lsm lsm-hooks security
Last synced: 31 Oct 2024
https://github.com/rancher-sandbox/lockc
Making containers more secure with eBPF and Linux Security Modules (LSM)
containers ebpf kubernetes lsm lsm-hooks security
Last synced: 06 Aug 2024
https://github.com/falcosecurity/libs
libsinsp, libscap, the kernel module driver, and the eBPF driver sources
ebpf falco-drivers kmod libscap libsinsp
Last synced: 12 Oct 2024
https://github.com/navarrothiago/upf-bpf
An In-Kernel Solution Based on eBPF / XDP for 5G UPF
3gpp 5g 5g-core 5g-core-network 5gc bpf cmake co-re ebpf flex trex-engine trex-traffic-generator upf
Last synced: 01 Nov 2024
https://github.com/apache/skywalking-rover
Monitor and profiler powered by eBPF to monitor network traffic, and diagnose CPU and network performance.
apm ebpf network observability profile service-mesh skywalking
Last synced: 07 Oct 2024
https://github.com/hengyoush/kyanos
A powerful but easy-to-use cmd line tool helps you find/analysis/diagnose network issues in 30s.
bpf capture command-line-tool ebpf network sniffer tcp tcpdump tcpdump-like
Last synced: 30 Oct 2024
https://github.com/tricorder-observability/starship
Starship: next-generation Observability platform built with eBPF+WASM
ebpf observability opentelemetry prometheus wasm webassembly
Last synced: 09 Oct 2024
https://github.com/gamemann/xdp-forwarding
Layer 3/4 packet forwarding software that utilizes the Linux kernel's XDP hook. The XDP hook allows for very fast network processing on Linux systems. Uses source port mapping similar to IPTables and NFTables.
bpf drv ebpf forwarding icmp kernel l3 layer3 layer4 linux linux-kernel mapping processing routing sourceport tcp udp xdp xdp-forwarding
Last synced: 27 Oct 2024
https://github.com/furkanonder/dnstrace
Monitor DNS queries by host processes using eBPF!
bcc bpf dns ebpf ebpf-programs
Last synced: 30 Oct 2024
https://github.com/clouddetail/apo
OpenTelemetry 结合 eBPF 的向导式可观测性产品
apm ebpf logs metrics observability opentelemetry tracing
Last synced: 09 Oct 2024
https://github.com/CloudDetail/apo
OpenTelemetry 结合 eBPF 的向导式可观测性产品
apm ebpf logs metrics observability opentelemetry tracing
Last synced: 03 Oct 2024
https://github.com/aojea/netkat
netcat using netstack userspace library and eBPF
Last synced: 11 Oct 2024
https://github.com/linux-lock/bpflock
bpflock - eBPF driven security for locking and auditing Linux machines
bpf containers ebpf iot iot-security kernel kubernetes lsm security
Last synced: 04 Aug 2024
https://github.com/mozillazg/ptcpdump
Process-aware, eBPF-based tcpdump
bpf ebpf ebpf-go ebpf-tc forensics network-capture packet-capture pcap pcapng process-aware sniffer tcpdump tcpdump-like
Last synced: 30 Oct 2024
https://github.com/elastic/bpfcov
Source-code based coverage for eBPF programs actually running in the Linux kernel
bpf c codecoverage coverage cpp ebpf llvm llvm-pass
Last synced: 07 Oct 2024
https://github.com/mozillazg/hello-libbpfgo
Examples for libbpf, aquasecurity/libbpfgo and cilium/ebpf
Last synced: 30 Oct 2024
https://github.com/gui774ume/ebpfkit-monitor
ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
ebpf kernel linux linux-kernel linux-kernel-hacking rootkit runtime-security security
Last synced: 12 Oct 2024
https://github.com/fuweid/embedshim
Provide task runtime implementation with pidfd and eBPF sched_process_exit tracepoint to manage deamonless container with low overhead.
Last synced: 01 Nov 2024
https://github.com/redcanaryco/oxidebpf
A Rust library for managing eBPF programs.
Last synced: 27 Sep 2024
https://github.com/trailofbits/ebpfpub
ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.
bpf ebpf llvm monitoring security tracepoints tracing
Last synced: 04 Aug 2024
https://github.com/netobserv/netobserv-ebpf-agent
Network Observability eBPF Agent
ebpf kubernetes network-observability openshift
Last synced: 20 Oct 2024
https://github.com/pmem/vltrace
Tool tracing syscalls in a fast way using eBPF linux kernel feature
bcc ebpf ebpf-programs kprobes syscall syscalls tracepoints
Last synced: 04 Aug 2024
https://github.com/willfindlay/bpfbox
🐝 BPFBox 📦 Exploring process confinement in eBPF
bcc ebpf linux linux-kernel runtime-security sandbox security
Last synced: 04 Aug 2024
https://github.com/CN-TU/machine-learning-in-ebpf
This repository contains the code for the paper "A flow-based IDS using Machine Learning in eBPF", Contact: Maximilian Bachl
decision-trees ebpf linux machine-learning tree-based-methods
Last synced: 30 Oct 2024
https://github.com/ddddddo/packemon
Packet monster (っ‘-’)╮=͟͟͞͞◒ ヽ( '-'ヽ) TUI tool for sending packets of arbitrary input and monitoring packets on any network interfaces (default: eth0).
cli ebpf linux network networking packet packet-analyzer packet-generator packet-monitoring penetration-testing pentest-tool protocol tui
Last synced: 12 Oct 2024
https://github.com/ebpfdev/explorer
eBPF explorer is Web UI that lets you see all the maps and programs in eBPF subsystem
Last synced: 12 Oct 2024
https://github.com/nirmata/kube-netc
A Kubernetes eBPF network monitor
ebpf kubernetes networking prometheus
Last synced: 30 Sep 2024
https://github.com/yanivagman/bpfroid
Trace Android framework API, native libraries, system calls and other events using eBPF
Last synced: 26 Oct 2024
https://github.com/boratanrikulu/durdur
eBPF-powered L3/L4 packet dropper.
bpf dns ebpf firewall networking xdp
Last synced: 12 Oct 2024
https://github.com/dswarbrick/ebpf_exporter
A Prometheus exporter which uses eBPF to measure block IO request latency / size
ebpf prometheus prometheus-exporter
Last synced: 27 Oct 2024
https://github.com/nullswan/bpfsnitch
Real-time network & syscall monitoring tool for Linux systems and Kubernetes clusters
ebpf kubernetes monitoring network syscall
Last synced: 09 Oct 2024
https://github.com/CycodeLabs/cimon-action
Runtime Security Solution for your CI/CD Pipeline
cicd ebpf github-actions hardening linux security security-hardening supply-chain-security
Last synced: 03 Aug 2024
https://github.com/aya-rs/aya-template
A cargo-generate template for Rust eBPF Projects using Aya
Last synced: 03 Aug 2024
https://github.com/jschwinger233/skbdump
ebpf-based tcpdump
bpf ebpf network-sniffer tcpdump
Last synced: 02 Nov 2024
https://github.com/rafaeldtinoco/howtos
Documents that might help others.
books ebpf internals kernel kvm libbpf libbpfgo linux networking programming qemu security tracee virtualization
Last synced: 28 Oct 2024
https://aya-rs.github.io/book/
The Aya Book is an introductory book about using the Rust Programming Language and Aya library to build extended Berkley Packet Filter (eBPF) programs.
Last synced: 03 Aug 2024
https://github.com/aya-rs/book
The Aya Book is an introductory book about using the Rust Programming Language and Aya library to build extended Berkley Packet Filter (eBPF) programs.
Last synced: 03 Aug 2024
https://github.com/gui774ume/ssh-probe
monitor and protect SSH sessions with eBPF
ebpf fim linux mfa-verification monitoring process-monitoring ssh-session
Last synced: 02 Nov 2024
https://github.com/0xdeafbeef/jeprofl
Allocations profiler built using ebpf
Last synced: 31 Oct 2024
https://github.com/yunwei37/eunomia
A lightweight eBPF-based Monitor tool:run ebpf as a service!
cloud-native container cpp cpp-library cpp20 ebpf kubernetes monitor observability prometheus security
Last synced: 28 Oct 2024
https://github.com/shaneutt/ebpf-rust-udp-loadbalancer-demo
A demo app covering building an eBPF load-balancer in Rust
ebpf linux load-balancer rust xdp
Last synced: 28 Oct 2024
https://github.com/gui774ume/fsprobe
A file system events notifier based on eBPF
Last synced: 11 Oct 2024
https://github.com/rebpf/rebpf
A Rust library to write and load bpf programs built on top of libbpf (no bcc dependency).
Last synced: 01 Nov 2024
https://github.com/kube-tarian/tarian
Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runtime processes monitoring, automated actions based on configure-actions, analytics, alerting and also sharing detections with community. Maybe save from Ransomware. Shift-Left your threat detection. Shift Right threat elimination.
anti-malware anti-virus antimalware antivirus antivirus-software cloudnative containers devsecops ebpf hacktoberfest kubernetes kubernetes-antimalware kubernetes-security microservices runtime-security security security-hardening security-tools shiftleft tarian
Last synced: 11 Oct 2024
https://github.com/fzakaria/ebpf-mpls-encap-decap
Sample project demonstrating how to use eBPF to encap/decap packets with an MPLS label.
bpf bpfilter ebpf ebpf-programs linux linux-kernel-hacking
Last synced: 28 Oct 2024
https://github.com/eunomia-bpf/llvmbpf
Userspace eBPF VM with llvm JIT/AOT compiler
aot ebpf jit llvm runtime virtual-machine
Last synced: 14 Oct 2024
https://github.com/jamesits/linux-gre-keepalive
High-performance passive (a.k.a. reply-only) GRE keepalive support for Linux, written in eBPF/XDP.
ebpf gre gre-tunnel keep-alive linux xdp
Last synced: 15 Oct 2024
https://github.com/mozillazg/libbpfgo-tools
libbpfgo port of bcc/libbpf-tools
bcc ebpf go golang libbpf libbpf-tools libbpfgo
Last synced: 12 Oct 2024
https://github.com/tarsal-oss/kflowd
Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG Application Messages via eBPF Subsystem
co-re detection dlp dns dpi ebpf edr filesystem http monitoring netflow siem syslog tcp udp virus vulnerability xdr
Last synced: 12 Oct 2024
https://github.com/gui774ume/network-security-probe
A process level network security monitoring and enforcement project for Kubernetes, using eBPF
ebpf enforcement kubernetes linux network-security profile security
Last synced: 23 Oct 2024
https://github.com/Gui774ume/network-security-probe
A process level network security monitoring and enforcement project for Kubernetes, using eBPF
ebpf enforcement kubernetes linux network-security profile security
Last synced: 04 Aug 2024
https://github.com/takehaya/vinbero
A complete subset of SRv6 local function & transit written in XDP
ebpf gtpu network-programming srv6 srv6-functions vinbero xdp
Last synced: 11 Oct 2024
https://github.com/chen-keinan/kube-knark
Open Source runtime tool which help to detect malware code execution and run time mis-configuration change on a kubernetes cluster
ebpf ebpf-programs golang kubernetes linux scanner security
Last synced: 28 Oct 2024
https://github.com/gui774ume/utrace
UTrace is a tracing utility that leverages eBPF to trace both user space and kernel space functions
Last synced: 23 Oct 2024
https://github.com/florianl/tc-skeleton
Simple project to demonstrate the loading of eBPF programs via florianl/go-tc.
ebpf kernel linux network-programming
Last synced: 28 Oct 2024
https://github.com/rphang/evilbpf
Weaponizing the Linux Kernel (Hide Files/PID, SSH backdoors, SSL Sniffer, ...) by poking around eBPF/XDP
ebpf kernel linux-kernel-hacking offensive-security rootkit security sshd xdp
Last synced: 12 Oct 2024
https://github.com/riptl/binaryninja-ebpf
Binary Ninja eBPF & Solana plugin (disasm & LLIL)
binary-ninja binary-ninja-plugin ebpf solana
Last synced: 03 Aug 2024
https://github.com/leodido/demo-cloud-native-ebpf-day
Various eBPF programs for tracing network connections
attack auditing bpf defense demo ebpf enforcement experimentation kernel lsm lsm-hooks prevention security talk tracepoints tracing
Last synced: 28 Oct 2024
https://github.com/fbac/sklookup-go
eBPF sk_lookup program as a golang library
cilium cilium-ebpf ebpf ebpf-programs golang kernel linux linux-kernel networking networking-programmability socket socket-programming
Last synced: 14 Oct 2024
https://github.com/odigos-io/offsets-tracker
This project tracks offsets of fields inside of Go structs across versions for achieveing automatic instrumentation using eBPF
ebpf go golang opentelemetry opentelemetry-go
Last synced: 31 Oct 2024