Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
eBPF
eBPF is a technology that can run sandboxed programs in a privileged context such as the operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel at runtime without requiring to change kernel source code or load kernel modules.
- GitHub: https://github.com/topics/ebpf
- Wikipedia: https://en.wikipedia.org/wiki/EBPF
- Created by: Alexei Starovoitov, Daniel Borkmann
- Released: 2014
- Last updated: 2024-12-23 00:08:03 UTC
- JSON Representation
https://github.com/tarsal-oss/kflowd
Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG Application Messages via eBPF Subsystem
co-re detection dlp dns dpi ebpf edr filesystem http monitoring netflow siem syslog tcp udp virus vulnerability xdr
Last synced: 12 Oct 2024
https://github.com/Gui774ume/network-security-probe
A process level network security monitoring and enforcement project for Kubernetes, using eBPF
ebpf enforcement kubernetes linux network-security profile security
Last synced: 20 Nov 2024
https://github.com/takehaya/vinbero
A complete subset of SRv6 local function & transit written in XDP
ebpf gtpu network-programming srv6 srv6-functions vinbero xdp
Last synced: 11 Oct 2024
https://github.com/Gui774ume/utrace
UTrace is a tracing utility that leverages eBPF to trace both user space and kernel space functions
Last synced: 12 Nov 2024
https://github.com/chen-keinan/kube-knark
Open Source runtime tool which help to detect malware code execution and run time mis-configuration change on a kubernetes cluster
ebpf ebpf-programs golang kubernetes linux scanner security
Last synced: 28 Oct 2024
https://github.com/yasindce1998/kubedagger
Kubernetes offensive framework built in eBPF
containers ebpf kubernetes linux linux-kernel linux-kernel-hacking malware rootkit runtime-security
Last synced: 16 Dec 2024
https://github.com/gui774ume/utrace
UTrace is a tracing utility that leverages eBPF to trace both user space and kernel space functions
Last synced: 09 Nov 2024
https://github.com/riptl/binaryninja-ebpf
Binary Ninja eBPF & Solana plugin (disasm & LLIL)
binary-ninja binary-ninja-plugin ebpf solana
Last synced: 12 Nov 2024
https://github.com/rphang/evilbpf
Weaponizing the Linux Kernel (Hide Files/PID, SSH backdoors, SSL Sniffer, ...) by poking around eBPF/XDP
ebpf kernel linux-kernel-hacking offensive-security rootkit security sshd xdp
Last synced: 12 Oct 2024
https://github.com/florianl/tc-skeleton
Simple project to demonstrate the loading of eBPF programs via florianl/go-tc.
ebpf kernel linux network-programming
Last synced: 28 Oct 2024
https://github.com/asphaltt/tc-dump
A network packet info dumping tool like tcpdump based on `tc-bpf`.
ebpf ebpf-co-re go golang skb tc tc-dump
Last synced: 13 Nov 2024
https://github.com/leodido/demo-cloud-native-ebpf-day
Various eBPF programs for tracing network connections
attack auditing bpf defense demo ebpf enforcement experimentation kernel lsm lsm-hooks prevention security talk tracepoints tracing
Last synced: 28 Oct 2024
https://github.com/odigos-io/offsets-tracker
This project tracks offsets of fields inside of Go structs across versions for achieveing automatic instrumentation using eBPF
ebpf go golang opentelemetry opentelemetry-go
Last synced: 31 Oct 2024
https://github.com/zz85/profile-bee
🐝🦀🔥 An ebpf based CPU profiler written in Rust
Last synced: 11 Nov 2024
https://github.com/fbac/sklookup-go
eBPF sk_lookup program as a golang library
cilium cilium-ebpf ebpf ebpf-programs golang kernel linux linux-kernel networking networking-programmability socket socket-programming
Last synced: 07 Nov 2024
https://github.com/sipcapture/rtcagent
RTCAgent is an eBPF powered HEP Agent for HOMER/HEPIC
ebpf freeswitch hep hep-agent hepic homer kamailio opensips
Last synced: 20 Nov 2024
https://github.com/ivlyth/process-bandwidth
an ebpf based program which focus on process's network bandwidth, like Nethogs but provides every connection's bandwidth as well, and even terminal graph
cli ebpf nethogs process-bandwidth
Last synced: 11 Oct 2024
https://github.com/groundcover-com/cli
groundcover's official CLI tool. Level up your K8s observability game with eBPF.
Last synced: 10 Nov 2024
https://github.com/gamemann/tc-ipip-mapper
TC programs aimed to add support for multiple remote hosts in IPIP tunnels.
bpf control ebpf ipip tc traffic traffic-control
Last synced: 27 Oct 2024
https://github.com/gamemann/TC-IPIP-Mapper
TC programs aimed to add support for multiple remote hosts in IPIP tunnels.
bpf control ebpf ipip tc traffic traffic-control
Last synced: 23 Oct 2024
https://github.com/lumbrjx/obzev0
Chaos engineering tool written in C/Go to test the resilience of TCP/UDP-based applications within Kubernetes environments, simulating various network conditions and failures to ensure the reliability of the overall system.
c channels chaos-engineering devops ebpf golang helm http kubernetes latency metrics multithreading network optimization prometheus proxy resiliency tcp testing testing-tools
Last synced: 12 Oct 2024
https://github.com/asphaltt/socketrace
socketrace is an eBPF-based tool to trace kernel socket events. License Apache 2.0 and GPL-2.0
ebpf socket socket-tracer socketrace
Last synced: 12 Oct 2024
https://github.com/shubhampalriwala/networth
eBPF based Network Monitoring using Prometheus and Grafana
ebpf grafana-dashboard prometheus xdp
Last synced: 23 Oct 2024
https://github.com/terassyi/seccamp-xdp
hands-on to implement simple network load balancer using XDP
ebpf load-balancer tutorial xdp
Last synced: 02 Nov 2024
https://github.com/takehaya/goxdp-template
A sample for writing XDP programs in Go
ebpf go golang network-programming vxlan xdp
Last synced: 16 Nov 2024
https://github.com/badouralix/dockerfiles
Dockerfiles everywhere :whale:
blake2s buildx caddy covid-19 curl docker docker-desktop docker-image dockerfile ebpf jq linux-headers lustre nusmv oh-my-zsh-theme rancher-cli toolbox zunit
Last synced: 14 Nov 2024
https://github.com/trailofbits/btfparse
A C++ library that parses debug information encoded in BTF format
Last synced: 08 Nov 2024
https://github.com/anoushk1234/zig-ebpf
Zig virtual machine for eBPF programs.
assembler bpf ebpf interpreter packet-filtering zig
Last synced: 14 Oct 2024
https://github.com/coder/exectrace
Simple eBPF-based exec snooping on Linux packaged as a Go library.
Last synced: 11 Oct 2024
https://github.com/trailofbits/linuxevents
A sample PoC for container-aware exec events for osquery
bpf ebpf linux monitoring runtime-code-generation tracing
Last synced: 08 Nov 2024
https://github.com/santandersecurityresearch/cryptomon
Network Cryptography Monitor - using eBPF, written in python
Last synced: 12 Oct 2024
https://github.com/msfidelis/eks-with-cilium
:whale: :package: :rocket: - Terraform template for a production ready EKS Cluster and Cilium Service Mesh and eBPF
cilium cloud-native ebpf eks kubernetes service-mesh terraform
Last synced: 08 Nov 2024
https://github.com/jumpbox-event/learn-ebpf
Learning eBPF Event 2024
cilium ebpf grafana-beyla kubernetes-security
Last synced: 15 Dec 2024
https://github.com/pouriyajamshidi/flat
Measure UDP and TCP connection latency for IPv4 and IPv6 using eBPF and Go
c ebpf go ipv4 ipv6 latency-monitor tcp udp
Last synced: 28 Oct 2024
https://github.com/acassen/xdp-fw
XDP FW: eXpress Data Path FireWall module
Last synced: 12 Nov 2024
https://github.com/r-caamano/zfw
An ebpf based firewall for openziti edge-routers/tunnelers
ebpf firewall linux-kernel openziti packet-filtering packet-redirect tc tc-ebpf traffic-control xdp
Last synced: 15 Nov 2024
https://github.com/k8sstormcenter/honeycluster
Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - for kind (and GKE, RKE2, AKS)
cloudnative cybersecurity ebpf kubernetes threat-intelligence
Last synced: 12 Oct 2024
https://github.com/jumpbox-academy/learn-ebpf
Learning eBPF Event 2024
cilium ebpf grafana-beyla kubernetes-security
Last synced: 12 Oct 2024
https://github.com/hujun-open/etherconn
Package etherconn is a golang pkg that allow user to send/receive Ethernet payload (like IP pkt) or UDP packet ,with custom Ethernet encapsulation like MAC address, VLAN tags, without creating corresponding interface in OS;
Last synced: 05 Nov 2024
https://github.com/dylandreimerink/gobpfld
GoBPFLD is a pure go eBPF loader/userspace library
Last synced: 12 Oct 2024
https://github.com/tigera-solutions/prevent-detect-and-mitigate-container-based-threats
[Free Training Workshop] Learn how to prevent, detect and mitigate container based threats using Calico Cloud
aks calico cloudnative cloudsecurity cnapp containersecurity ebpf eks kubernetes zerotrust
Last synced: 05 Nov 2024
https://github.com/bwnetflow/flowpipeline
Process network flows using fully configurable pipelines.
ebpf go goflow golang influxdb kafka monitoring netflow network-analysis networking prometheus tcpdump-like
Last synced: 12 Oct 2024
https://github.com/gamemann/ipipdirect-tc
Sends outgoing IPIP packets back to the client directly instead of back through the IPIP tunnel/forwarding server. Uses TC egress filter for fast packet processing.
bpf direct ebpf egress ipip linux-tc tc traffic-control
Last synced: 27 Oct 2024
https://github.com/tricorder-observability/helm-charts
Helm Charts for tricorder observability.
Last synced: 13 Nov 2024
https://github.com/asphaltt/vista
An eBPF enhanced Linux kernel skb and socket tracing tool.
ebpf gopacket-pcap linux skb-tracing socket-tracing tcpdump vista
Last synced: 12 Oct 2024
https://github.com/thought-machine/falco-probes
Automated build and mirror of eBPF kernel probes for use as a driver with the Falco runtime security agent (https://falco.org/)
Last synced: 10 Nov 2024
https://github.com/loxilb-io/loxilb-ebpf
loxilb ebpf sub-module
cloud-native datapath ebpf kernel
Last synced: 11 Oct 2024
https://github.com/acceis/ebpf-hide-pid
This tool have the power to hide any PID/directory in the Linux kernel
Last synced: 12 Oct 2024
https://github.com/sumerc/gilstats.py
A utility for dumping per-thread statistics for CPython GIL using eBPF
cpython ebpf ebpf-programs multithreading observability python python-gil
Last synced: 08 Nov 2024
https://github.com/tholian-network/firewall
:rainbow: eBPF-based programmable firewall, intended for use in Go backends
Last synced: 16 Nov 2024
https://github.com/asphaltt/ebpf-vm-on-ebpf
Build a feature-less eBPF vm on eBPF, just for fun.
Last synced: 13 Nov 2024
https://github.com/asphaltt/iptables-bpf
An example of iptables-bpf with Go+eBPF
bpf ebpf go iptables iptables-bpf
Last synced: 13 Nov 2024
https://github.com/gfx/hello-bpf-core
An example app for BPF CO-RE and CI settings with GitHub Actions
Last synced: 28 Oct 2024
https://github.com/kumkeehyun/perisco
eBPF based, L7 protocols monitoring solution in k8s
cilium-ebpf ebpf http kubernetes microservice observability
Last synced: 09 Nov 2024
https://github.com/groundcover-com/blog
groundcover's blog materials. Level up your K8s observability game with eBPF.
blog ebpf kubernetes monitoring
Last synced: 10 Nov 2024
https://github.com/willfindlay/suidsnoop
suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.
aya ebpf linux linux-kernel lsm rust security suid-binaries
Last synced: 14 Nov 2024
https://github.com/v-thakkar/talks
This repository contains the slides of my talks.
coccinelle ebpf embedded-linux kernel linux security static-code-analysis virtualization xen
Last synced: 27 Oct 2024
https://github.com/s5uishida/simple_measurement_of_upf_performance
Simple Measurement of UPF Performance
5g 5gc dpdk ebpf eupf free5gc open5gs packetrusher performance upf upg-vpp vpp xdp
Last synced: 21 Nov 2024
https://github.com/mahendrapaipuri/ceems
A Prometheus exporter and a REST API server to export metrics of compute units of resource managers like SLURM, Openstack, k8s, _etc_
cloud containers dashboards ebpf emissions energy-monitor grafana green-computing hpc json-api kubernetes metrics-server metrics-visualization monitoring observability openstack performance-monitoring prometheus prometheus-exporter slurm
Last synced: 01 Nov 2024
https://github.com/4rivappa/kube-trace-nfs
eBPF-Based NFS Telemetry Exporter for Kubernetes
Last synced: 12 Oct 2024
https://github.com/daeuniverse/dae-wing
dae-wing is a backend of dae, provides a method to bundle arbitrary frontend and dae into one binary.
dae ebpf graphql proxy transparent-proxy
Last synced: 14 Nov 2024
https://github.com/dkorunic/pktstat-bpf
TC and XDP eBPF based simple Ethernet interface traffic monitor and reporting tool
bpf ebpf linux network networking observability packet packet-capture tcpdump terminal traffic xdp
Last synced: 12 Oct 2024
https://github.com/stwind/dockersnoop
Intercept gRPC traffic of dockerd and containerd with eBPF
containerd docker ebpf golang grpc
Last synced: 21 Dec 2024
https://github.com/simar7/ebpfwall
A simple layer 4 firewall with eBPF in Go.
Last synced: 23 Oct 2024
https://github.com/hemslo/docker-bpf
Run ebpf programs in docker (e.g., bpftrace)
Last synced: 12 Nov 2024
https://github.com/isala404/lazy-koala
A toolkit to apply AIOps to distributed systems
anomaly-detection deep-learning ebpf hacktoberfest kubernetes monitoring root-cause-analysis
Last synced: 15 Oct 2024
https://github.com/kakkoyun/py-perf
A Proof-of-concept, low-overhead, sampling CPU profiler for Python implemented using eBPF.
bpf ebpf ebpf-programs optimization perfomance performance-testing profiler python rust
Last synced: 13 Oct 2024
https://github.com/asphaltt/iptables-trace
iptables-trace is an eBPF enhanced iptables-TRACE alternative iptables TRACE. GPL-3.0 license
ebpf ebpf-co-re iptables iptables-trace iptables-tracer kernel-module nf-trace
Last synced: 13 Nov 2024
https://github.com/eunomia-bpf/bpf-compatible
compatible library for ebpf programs to improve BTF portability
Last synced: 23 Oct 2024
https://github.com/x86taka/xdp-etherip
Implementation of EtherIP with XDP
ebpf ebpf-programs etherip xdp
Last synced: 21 Nov 2024
https://github.com/ancat/meatball
A host monitoring proof of concept that uses python and ebpf to watch for bad behavior and optionally take action on it.
ebpf host-monitoring python security
Last synced: 13 Nov 2024
https://github.com/Gyeeta/gyeeta
Gyeeta - An Open Source Observability Product for your Infrastructure, Services and Processes. This repository is for the Agent and Server C++ code.
alerting bpf cpp ebpf free gplv3 kubernetes libbpf monitoring observability opensource rcu
Last synced: 01 Nov 2024
https://github.com/hitsz-ids/duetector
duetector🔍: Data Usage Extensible Detector for data usage observability.
bcc data-usage ebpf kata-containers observability
Last synced: 11 Nov 2024
https://github.com/ciffelia/tsblock
Prevent tailscale from using specific network interfaces
Last synced: 12 Oct 2024
https://github.com/asphaltt/sockdump
Dump unix domain socket traffic with Go+bpf
Last synced: 27 Sep 2024
https://github.com/gamemann/compressor-v2-fou-wrap-unwrapper
TC programs made for wrapping and unwrapping marked FOU-encapped packets. Being used for Compressor V2
bpf ebpf egress filter filtering fou ingress ip ipip link linux-tc nftables processing tc traffic-control tunnel udp
Last synced: 27 Oct 2024
https://github.com/atomic77/nethadone
An adaptive eBPF-based router built to discourage network users from compulsive web usage
armbian ebpf networking orangepi sbc
Last synced: 12 Oct 2024
https://github.com/ds2-lab/alps
ALPS: An Adaptive Learning, Priority OS Scheduler for Serverless Functions (USENIX ATC'24)
ebpf faas os scheduling serverless
Last synced: 12 Oct 2024
