eBPF
eBPF is a technology that can run sandboxed programs in a privileged context such as the operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel at runtime without requiring to change kernel source code or load kernel modules.
- GitHub: https://github.com/topics/ebpf
- Wikipedia: https://en.wikipedia.org/wiki/EBPF
- Created by: Alexei Starovoitov, Daniel Borkmann
- Released: 2014
- Last updated: 2026-06-22 00:09:11 UTC
- JSON Representation
https://github.com/daeuniverse/dae-wing
dae-wing is a backend of dae, provides a method to bundle arbitrary frontend and dae into one binary.
dae ebpf graphql proxy transparent-proxy
Last synced: 19 Oct 2025
https://github.com/containerscrew/rootisnaked
Simple root privilege escalation detection using eBPF 🐝
cilium-ebpf ebpf ebpf-go go golang linux-kernel privilege-escalation security
Last synced: 12 Apr 2025
https://github.com/p-r-a-v-i-n/rwatch
Real-time Threat Detection using eBPF + Rust
ebpf kern kernel linux rust secu security-tools thread threat-detection
Last synced: 18 Apr 2026
https://github.com/markpash/find-bad-middleboxes
This is the proof-of-concept code that accompanies the eBPF Summit lightning talk I gave called Bad middlebox!
bpf bpf2go cilium ebpf ebpf-summit middlebox
Last synced: 15 May 2025
https://github.com/yutarohayakawa/zebra-bpf-dplane-example
An example implementation of the Zebra BPF DPlane
ebpf frrouting linux-kernel srv6
Last synced: 07 Apr 2025
https://github.com/asphaltt/iptables-trace
iptables-trace is an eBPF enhanced iptables-TRACE alternative iptables TRACE. GPL-3.0 license
ebpf ebpf-co-re iptables iptables-trace iptables-tracer kernel-module nf-trace
Last synced: 24 Aug 2025
https://github.com/stwind/dockersnoop
Intercept gRPC traffic of dockerd and containerd with eBPF
containerd docker ebpf golang grpc
Last synced: 11 Apr 2025
https://github.com/myl7/xdptun
UDP packet obfuscation with eBPF, which tunnels UDP over pseudo-TCP
ebpf tc-bpf udp-obfuscation udp-over-tcp xdp
Last synced: 10 Apr 2025
https://github.com/dwisiswant0/fastdns
DNS at ludicrous speed for Go, powered by XDP sockets. [EXPERIMENTAL]
af-xdp dns dns-client ebpf xdp
Last synced: 17 May 2026
https://github.com/ds2-lab/alps
ALPS: An Adaptive Learning, Priority OS Scheduler for Serverless Functions (USENIX ATC'24)
ebpf faas os scheduling serverless
Last synced: 10 Oct 2025
https://github.com/utkar5hm/mariadb-ebpf-exporter
eBPF based prometheus Exporter for mysql/mariadb query latencies.
c docker ebpf go golang grafana grafana-dashboard libbpfgo mariadb mysql prometheus prometheus-exporter uprobe uprobes
Last synced: 10 Apr 2025
https://github.com/asphaltt/sockdump
Dump unix domain socket traffic with Go+bpf
Last synced: 02 Oct 2025
https://github.com/ancat/meatball
A host monitoring proof of concept that uses python and ebpf to watch for bad behavior and optionally take action on it.
ebpf host-monitoring python security
Last synced: 06 May 2025
https://github.com/cppcoffee/ipblock
IP-Block is an IP firewall implemented using XDP.
Last synced: 12 Apr 2025
https://github.com/srodi/xdp-ddos-protect
This project provides a BPF XDP program to detect and mitigate DDoS attacks targeting a specific endpoint by monitoring unusually high traffic
amd64 arm64 c ddos-attacks ebpf linux xdp
Last synced: 17 Mar 2026
https://github.com/hawkv6/hawkwing
Leveraging eBPF for Intent-Driven Application-Centric End-to-End Segment Routing over IPv6
Last synced: 14 Jan 2026
https://github.com/vobst/bpfvol3
Linux BPF plugins for Volatility3
bpf ebpf forensics forensics-tools memory-forensics plugin volatility volatility3
Last synced: 09 Oct 2025
https://github.com/gamemann/compressor-v2-fou-wrap-unwrapper
TC programs made for wrapping and unwrapping marked FOU-encapped packets. Being used for Compressor V2
bpf ebpf egress filter filtering fou ingress ip ipip link linux-tc nftables processing tc traffic-control tunnel udp
Last synced: 05 Mar 2026
https://github.com/eunomia-bpf/gpttrace-web
Generate bpftrace eBPF programs online with GPT or LLM
Last synced: 19 Jun 2025
https://github.com/hitsz-ids/duetector
duetector🔍: Data Usage Extensible Detector for data usage observability.
bcc data-usage ebpf kata-containers observability
Last synced: 26 Apr 2025
https://github.com/atomic77/nethadone
An adaptive eBPF-based router built to discourage network users from compulsive web usage
armbian ebpf networking orangepi sbc
Last synced: 12 Jul 2025
https://github.com/Gyeeta/gyeeta
Gyeeta - An Open Source Observability Product for your Infrastructure, Services and Processes. This repository is for the Agent and Server C++ code.
alerting bpf cpp ebpf free gplv3 kubernetes libbpf monitoring observability opensource rcu
Last synced: 30 Mar 2025
https://github.com/mirastacklabs-ai/telegen
# Telegen - One Agent, Many Telemetry signals
cncf ebpf observability opentelemetry
Last synced: 01 May 2026
https://github.com/electrocucaracha/k8s-networkingdeepdive-demo
Didactic project for K8s Networking analysis
cni-plugin ebpf flannel ipvs kubernetes networking
Last synced: 23 Jun 2025
https://github.com/mmisono/cbpf-to-llvm-ir
Convert cBPF program to LLVM IR (to compile eBPF program)
Last synced: 06 Apr 2025
https://github.com/pchaigno/tail-call-bench
Benchmark tools to evaluate the cost of BPF tail calls
Last synced: 10 Apr 2025
https://github.com/gamemann/xdp-playground
Stores XDP programs and loaders I use for testing/helping others with (e)BPF and XDP.
basic bpf ebpf go golang-loader libbpf playground testing xdp xdp-loader xdp-tools
Last synced: 15 Aug 2025
https://github.com/webspoilt/omniclaw
The Hybrid Hive AI Agent System. Deploy a decentralized, peer-reviewed swarm of autonomous agents with deep Linux/eBPF kernel access. Natively command your system 24/7 via Telegram, WhatsApp, Discord, or desktop Voice-Wake. Disclaimer: Heavily developed with AI Assistance.
agents ai ai-assistant automation autonomous-agents cybersecurity ebpf kernel-bridge ollama python rust swarm-intelligence telegram-bot termux
Last synced: 02 Mar 2026
https://github.com/uni-tue-kn/tcbee
This repository contains the source code for TCBee, a TCP flow analysis tool recording packet headers and kernel metrics at up to 1.4 Mpps
ebpf tcp tcp-analysis tcp-analyzer xdp
Last synced: 08 May 2025
https://github.com/srodi/ebpf-prometheus-metrics
This project process eBPF events into Prometheus metrics via a Go user-space application. A Grafana dashboard is included to visualize Kernel Network Latency.
docker ebpf go grafana helm kubernetes linux-kernel prometheus
Last synced: 22 Aug 2025
https://github.com/lime-org/lime-rtw
The main LiME code repository
arrival-curves ebpf real-time-systems sporadic task-model wcet
Last synced: 04 Mar 2026
https://github.com/unikzforce/ebpf-golang-devcontainer
a starter project develop ebpf in golang + devcontainer docker environment, works any env supporting docker, like apple silicon (m1/m2/m3...)
apple-sil devcontainer docker ebpf golang m1 m1-ma m2-mac m3-mac
Last synced: 10 Apr 2025
https://github.com/kumkeehyun/ttcp
traces tcp requests in kernel. allow to set up IPs to filter dynamically using bpf-map.
Last synced: 26 Oct 2025
https://github.com/upioti/minecraft-bedrock-xdp-ebpf
First and only publicly avaliable Raknet/Minecraft Bedrock XDP filter, Protects your server by dropping all traffic that isnt valid Layer7 Raknet/MC Bedrock Protocol
antiddos appfilter bedrock bpf ddos ebpf filter firewall layer7 linux-networking minecraft packet protection raknet udp xdp
Last synced: 17 May 2026
https://github.com/esonhugh/ebpf_cilium_starter
cilium ebpf common starter template for go.
cilium cilium-ebpf ebpf starter starter-template
Last synced: 10 Oct 2025
https://github.com/eunomia-bpf/ken
Kernel Extensions Large Language Model Agent
Last synced: 19 Jun 2025
https://github.com/fjebaker/ebpf-energy-monitor
Monitoring energy usage with eBPF at process level granularity.
bpf ebpf energy-consumption energy-monitor zig
Last synced: 27 Jul 2025
https://github.com/h0x0er/ebpf-cover
Highlights eBPF-code covered by verifier
coverage ebpf vscode-extension
Last synced: 03 Apr 2026
https://github.com/fkie-cad/bpf-rootkit-workshop
Workshop: Forensic Analysis of eBPF based Linux Rootkits
bpf bpf-malware ebpf ebpf-malware forensics linux live-forensics malware memory-forensics rootkit
Last synced: 05 Oct 2025
https://github.com/eunomia-bpf/xdp-ebpf-in-dpdk
XDP in DPDK with userspace eBPF (Move to https://github.com/userspace-xdp/userspace-xdp
Last synced: 04 Oct 2025
https://github.com/rhargreaves/knock-knock
Port knocking implementation in eBPF
Last synced: 29 Aug 2025
https://github.com/peterstolz/pybpfmaps
Python library to interact with bpf/ebpf maps via libbpf bindings
Last synced: 28 Jun 2025
https://github.com/eunomia-bpf/linux-trace-ai-agent
An experiment AI agent for automatic monitoring of system performance.
ebpf gpt monitoring performance
Last synced: 30 Apr 2026
https://github.com/eunomia-bpf/eunomia-cc
Compile and Run eBPF with WASM (Development move to https://github.com/eunomia-bpf/eunomia-bpf)
ebpf ebpf-co-re wasi-sdk wasm webassembly
Last synced: 19 Jun 2025
https://github.com/san7o/kivebpf
Kive is a free and open source eBPF-powered file access monitoring Kubernetes operator. Kivebpf provides a stable API to place inode-based traps on files and receive alerts when a file is accessed.
Last synced: 18 Aug 2025
https://github.com/summerwind/l3dsr-packet-forwarder
DSCP based L3DSR packet forwarder using XDP
Last synced: 04 Apr 2025
https://github.com/asphaltt/iptables-in-bpf
An iptables-like ACL implementation with eBPF.
acl bpf ebpf ebpf-co-re iptables
Last synced: 06 May 2025
https://github.com/eunomia-bpf/eunomia-exporter
A simple OpenTelemetry collector for custom eBPF metrics with Wasm
co-re ebpf exporter libbpf observability opentelemetry prometheus wasm
Last synced: 19 Jun 2025
https://github.com/ensoft/marple
MARPLE is an open-source system profiling tool for Linux-based systems
bcc data-visualization ebpf embedded-linux linux-kernel perf-events performance-analysis performance-monitoring python
Last synced: 13 Apr 2025
https://github.com/boylegu/tyrshield
zero-overhead SSH protection at XDP speed. Guard your SSH like tyr guard the gates of asgard!
ebpf go golang iouring ssh xdp xdp-sockets
Last synced: 13 May 2025
https://github.com/asphaltt/skbdist
A bpf-based packet's latency distribution measurement tool. Apache 2.0 License
Last synced: 10 Apr 2025
https://github.com/asphaltt/ethtoolsnoop
ethtoolsnoop is an ethtool tracing tool based on Go+eBPF. License Apache 2.0
Last synced: 10 Apr 2025
https://github.com/pcolladosoto/wg-ebpf
A repository containing the sample deployment used for the XVII REDIMadrid conference
Last synced: 18 Apr 2025
https://github.com/mfontanini/sockwho
Inspect socketaddrs using eBPF tracepoints
Last synced: 12 Apr 2025
https://github.com/InfobloxOpen/ebpf
A CoreDNS plugin that will attach an eBPF XDP program to a specified interface
Last synced: 10 May 2025
https://github.com/infobloxopen/ebpf
A CoreDNS plugin that will attach an eBPF XDP program to a specified interface
Last synced: 03 Mar 2025
https://github.com/mmisono/rust-cbpf
Userspace cBPF interpreter and cBPF to eBPF converter
Last synced: 06 Apr 2025
https://github.com/vitorpy/cobolana
🔥 COBOL on Solana - Because 1959 deserves to run on the blockchain. The world's most absurd compiler: Enterprise COBOL → Solana BPF. It actually works.
blockchain bpf cobol compiler cursed ebpf meme solana solana-program
Last synced: 01 Nov 2025
https://github.com/datahangar/sfunnel
K8s service funneling using eBPF
affinity clientip clusterip ebpf funneling k8s kubernetes loadbalancer nodeport
Last synced: 26 Aug 2025
https://github.com/defend-ai-tech-inc/agent-discover-scanner
Multi-layer AI agent detection: Static code analysis, network monitoring, and Kubernetes runtime visibility with eBPF.
ai-agents ai-governance ai-security cilium-tetragon devsecops ebpf kubernetes-securty llm-security network-monitoring open-source python security-scanner shadow-ai static-analysis
Last synced: 12 Feb 2026
https://github.com/wqld/sinabro
Sinabro is a networking solution for Kubernetes that leverages eBPF to provide high-performance networking and security features
aya cni container ebpf k8s kubernetes networking rust xdp
Last synced: 17 Mar 2026
https://github.com/fukuda-lab/fide
FIDe is an fully in-kernel anomaly detection/mitigation framework based on eBPF.
Last synced: 06 Apr 2025
https://github.com/esonhugh/my_durdur
Cilium/ebpf Learning idea from boratanrikulu/durdur
Last synced: 14 Jul 2025
https://github.com/brian14708/wg-gatekeeper
🛡️ WireGuard VPN with bandwidth shaping using eBPF
Last synced: 26 Feb 2026
https://github.com/fbac/skproxy
eBPF proxy with loadbalancing capabilities
cilium cilium-ebpf ebpf ebpf-programs golang linux networking proxy tcp tcp-proxy
Last synced: 10 Apr 2025
https://github.com/lawouach/ebpf-2021-talk
Code for my talk at ebpf 2021 conference
devops ebpf reliability reliably sre
Last synced: 12 Apr 2025
https://github.com/unredacted/packetframe
PacketFrame is a modular eBPF-based packet-processing framework written in pure Rust
bpf ebpf networking routing rust rust-lang xdp
Last synced: 20 May 2026
https://github.com/sevan/viewpoint-linux
A Linux distribution with a focus on observability (RO Mirror)
bpftrace debugging ebpf lfs linuxfromscratch
Last synced: 28 Feb 2026
https://github.com/mtardy/mahebpf
(For now 😼) an educational eBPF disassembler
Last synced: 10 Apr 2025
https://github.com/samankhalife/xdf
X-Defender💥 is an advanced (D)DoS mitigation tool built with eBPF and XDP. It not only filters and limits malicious traffic in real-time but also takes a proactive and aggressive approach to neutralize threats before they impact your network.
ddos-mitigation ddos-protection ebpf ebpf-programs xdp
Last synced: 30 Jul 2025
https://github.com/metrico/qryn-coroot
Tutorial: qryn + coroot eBPF based Monitoring and Troubleshooting
coroot ebpf observability prometheus qryn telemetry
Last synced: 12 Apr 2025
https://github.com/jklaiber/ebpf-bridge
Linux bridge management with ebpf made simple
Last synced: 05 Sep 2025
https://github.com/rinhizakura/ebpf-strace
A demonstration to show how to trace syscalls by eBPF
Last synced: 24 Aug 2025
https://github.com/atrosinenko/bpfinst-spec
Generic API for different eBPF-based instrumenter engines
Last synced: 24 Apr 2026
https://github.com/lumbrjx/ebpf-nta
A simple, portable eBPF C program for analyzing and filtering network traffic on Linux. With a self-cleaning Go-based user-space program including easy setup and cleanup using a Makefile.
c ebpf filtering golang kernel-space linux monitoring networking observability packet tcp traffic-control user-space
Last synced: 26 Oct 2025
https://github.com/poonai/cgoleak
A ebpf based memory leak detector for CGO program
cgo cgo-bindings ebpf golang memory-leak
Last synced: 26 Jun 2025
https://github.com/antonmry/galiglobal
Blog about distributed systems, data at scale and a bit of cool tech
at-protocol ebpf opentelemetry rust
Last synced: 06 Mar 2026
https://github.com/eunomia-bpf/bpf-oci
A lib manage wasm-bpf exec as OCI image
Last synced: 28 Feb 2025
https://github.com/flomesh-io/fnlb
fnlb(Flomesh network load balancer) is an ebpf based layer 4 load balancer.
ebpf layer-4-loadbalancer load-balancer
Last synced: 15 Apr 2025
https://github.com/moolen/skouter
🛡️ cloud-native eBPF node egress firewall
Last synced: 21 Apr 2025
