Example BPF program with LSM hooks
☆36Feb 24, 2021Updated 5 years ago
Alternatives and similar repositories for bpf-lsm
Users that are interested in bpf-lsm are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- LSM BPF module to block pwnkit (CVE-2021-4034) like exploits☆21Feb 17, 2022Updated 4 years ago
- Fork from git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git (unstable and force pushed!)☆24Jun 15, 2023Updated 2 years ago
- suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.☆16Oct 31, 2021Updated 4 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆153Feb 16, 2022Updated 4 years ago
- Mimic is a eBPF virtual machine and emulator which runs in userspace☆30May 28, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Trace deep kernel events through eBPF and lsm hooks☆44Feb 9, 2021Updated 5 years ago
- Working examples of KRSI (via BCC scripts).☆15Dec 21, 2020Updated 5 years ago
- Various eBPF programs for tracing network connections☆32Oct 26, 2021Updated 4 years ago
- Making containers more secure with eBPF and Linux Security Modules (LSM)☆233Jun 2, 2024Updated last year
- Source-code based coverage for eBPF programs actually running in the Linux kernel☆138Feb 6, 2025Updated last year
- POC for Phantom Attack☆91Aug 10, 2022Updated 3 years ago
- 针对kubernetes中的RBAC可能被攻击检测工具。Detection tool for possible attacks on RBAC in kubernetes.☆25Jan 4, 2024Updated 2 years ago
- Red Canary's eBPF Sensor☆115Apr 15, 2026Updated last month
- Linux Kernel Runtime Integrity with eBPF☆186Nov 23, 2023Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆18Nov 17, 2020Updated 5 years ago
- vArmor-ebpf is a specialized project dedicated to maintaining the BPF code utilized by vArmor.☆41May 21, 2026Updated last week
- BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.☆59Jun 30, 2022Updated 3 years ago
- ☆25Jun 2, 2024Updated last year
- A simple example of map_in_map usage in libbpf☆10Mar 18, 2020Updated 6 years ago
- Aya is an eBPF library for the Rust programming language, built with a focus on developer experience and operability.☆13Mar 6, 2026Updated 2 months ago
- An eBPF detection program for CVE-2022-0847☆29Jul 5, 2022Updated 3 years ago
- [MICRO'20] LENS: A Low-level NVRAM Profiler [USENIX Security'23] NVLeak: Off-Chip Side-Channel Attacks via Non-Volatile Memory Systems☆14Jul 8, 2024Updated last year
- Vault Exploit Defense☆128Sep 7, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Control-Flow Integrity implementation for the Linux Kernel 3.19☆20Feb 19, 2020Updated 6 years ago
- ebpH (Extended BPF Process Homeostasis) monitors process behavior on your system to establish normal behavioral patterns. ebpH reports an…☆42Dec 8, 2022Updated 3 years ago
- SysFlow edge processing pipeline☆18Jan 15, 2025Updated last year
- Memory protection and randomization tests (not limited to PaX enabled kernels)☆12Mar 5, 2024Updated 2 years ago
- a docker container behavior monitoring tool based on eBPF☆17Jul 22, 2023Updated 2 years ago
- java 内存马系列 实现(Servlets 、组件、Agent)☆10Mar 7, 2022Updated 4 years ago
- A Linux Host-based Intrusion Detection System based on eBPF.☆456Dec 20, 2023Updated 2 years ago
- A collection of BPF examples☆39Mar 30, 2021Updated 5 years ago
- SOSCON19 session - "Faster Packet Processing in Linux: XDP" source code☆17Oct 17, 2019Updated 6 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- tool for building and running VMs for development and testing☆118Updated this week
- This tool set can generate SECCOMP profiles for Docker images. It mainly relies on static analysis, making its results more reliable than…☆71May 3, 2022Updated 4 years ago
- BPF CI☆24Apr 27, 2026Updated last month
- Qiling Framework Documentation☆18Mar 9, 2025Updated last year
- IOModule manager and plugins☆37Feb 24, 2017Updated 9 years ago
- A light introduction to BPF / eBPF☆11Nov 5, 2018Updated 7 years ago
- libsinsp, libscap, the kernel module driver, and the eBPF driver sources☆306May 20, 2026Updated last week