Yelp / pidtree-bccLinks
eBPF tool for logging process ancestry of outbound TCP connections
☆44Updated 2 weeks ago
Alternatives and similar repositories for pidtree-bcc
Users that are interested in pidtree-bcc are comparing it to the libraries listed below
Sorting:
- ptrace-based event producer for udig☆67Updated 2 years ago
- Automated build and mirror of eBPF kernel probes for use as a driver with the Falco runtime security agent (https://falco.org/)☆16Updated 6 months ago
- Kit for building Falco drivers: kernel modules or eBPF probes☆65Updated 2 weeks ago
- Simplifying Seccomp enforcement in containerized or non-containerized apps☆110Updated 4 years ago
- 🐝 BPFBox 📦 Exploring process confinement in eBPF☆103Updated last year
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆116Updated 2 years ago
- eBPF based syscalls, files and network events tracing framework☆92Updated 4 years ago
- A tool to list and diagnose bpf programs. (Who watches the watchers..? :)☆95Updated 4 years ago
- A package for handling ssh certificates☆45Updated 3 years ago
- agent for handling seccomp descriptors for container runtimes☆46Updated last year
- BPF based FIM solution☆42Updated 2 years ago
- Build custom Docker seccomp profiles for containers by finding syscalls it uses.☆90Updated 4 years ago
- Easier tracing of packets through iptables☆35Updated 2 months ago
- The Container Security Book—a free book for practitioners☆82Updated 5 years ago
- IOModule manager and plugins☆38Updated 8 years ago
- Source-code based coverage for eBPF programs actually running in the Linux kernel☆132Updated 3 months ago
- Let's share some eBPF love!☆45Updated 5 years ago
- Generic tool to inspect BPF maps☆44Updated 3 years ago
- Documentation for Prodfiler, the distributed lightweight continuous whole-system profiler☆61Updated 2 years ago
- Now moved into `github.com/inspektor-gadget/inspektor-gadget/pkg/gadget-collection/gadgets/traceloop`. Tracing system calls in cgroups u…☆198Updated 2 years ago
- Inject Falco and pdig into a running kubernetes pod☆13Updated 5 years ago
- efficient linux security monitoring☆26Updated 6 years ago
- egrets monitors egress☆46Updated 5 years ago
- ☆37Updated 4 years ago
- An query language and interactive tooling to work with SBOM data.☆14Updated 7 months ago
- eBPF - extended Berkeley Packet Filter tooling☆123Updated 2 years ago
- torcx is a boot-time addon manager for immutable systems☆17Updated last month
- ☆71Updated 2 weeks ago
- ☆29Updated 4 months ago
- Provides agent and server plugins for SPIRE to allow TPM 2-based node attestation.☆81Updated last year