Yelp / pidtree-bcc
eBPF tool for logging process ancestry of outbound TCP connections
☆41Updated 2 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for pidtree-bcc
- ptrace-based event producer for udig☆67Updated 2 years ago
- BPF based FIM solution☆42Updated last year
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆113Updated last year
- Simplifying Seccomp enforcement in containerized or non-containerized apps☆111Updated 4 years ago
- agent for handling seccomp descriptors for container runtimes☆42Updated 9 months ago
- Build custom Docker seccomp profiles for containers by finding syscalls it uses.☆89Updated 4 years ago
- Easier tracing of packets through iptables☆31Updated 6 months ago
- ☆42Updated 3 years ago
- egrets monitors egress☆45Updated 4 years ago
- IOModule manager and plugins☆38Updated 7 years ago
- A tool to list and diagnose bpf programs. (Who watches the watchers..? :)☆94Updated 4 years ago
- A package for handling ssh certificates☆45Updated 2 years ago
- efficient linux security monitoring☆25Updated 6 years ago
- Slides and Workshop Instructions for a BPF Introduction @Sqreen☆11Updated 5 years ago
- Kernel assisted microcontainer packer☆24Updated 5 years ago
- Documentation for Prodfiler, the distributed lightweight continuous whole-system profiler☆61Updated last year
- 🐝 BPFBox 📦 Exploring process confinement in eBPF☆101Updated 10 months ago
- eBPF based syscalls, files and network events tracing framework☆90Updated 4 years ago
- A tool based on eBPF, prometheus and grafana to monitor network connectivity.☆35Updated 2 years ago
- Inject Falco and pdig into a running kubernetes pod☆13Updated 4 years ago
- Going Florida on container keyring masks. A tool to demonstrate the ineffectivity containers have on isolating Linux Kernel keyrings.☆43Updated last year
- Identity-Aware Proxy☆21Updated last year
- Kit for building Falco drivers: kernel modules or eBPF probes☆64Updated this week
- BeyondCorp-style federated access proxy☆48Updated last year
- Automated build and mirror of eBPF kernel probes for use as a driver with the Falco runtime security agent (https://falco.org/)☆16Updated this week
- ☆29Updated 3 years ago
- Now moved into `github.com/inspektor-gadget/inspektor-gadget/pkg/gadget-collection/gadgets/traceloop`. Tracing system calls in cgroups u…☆198Updated last year