andrewstucki / bpf-lsmView external linksLinks
Example BPF program with LSM hooks
☆35Feb 24, 2021Updated 4 years ago
Alternatives and similar repositories for bpf-lsm
Users that are interested in bpf-lsm are comparing it to the libraries listed below
Sorting:
- ☆28Nov 24, 2021Updated 4 years ago
- suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.☆16Oct 31, 2021Updated 4 years ago
- Working examples of KRSI (via BCC scripts).☆15Dec 21, 2020Updated 5 years ago
- Trace deep kernel events through eBPF and lsm hooks☆42Feb 9, 2021Updated 5 years ago
- ebpH (Extended BPF Process Homeostasis) monitors process behavior on your system to establish normal behavioral patterns. ebpH reports an…☆42Dec 8, 2022Updated 3 years ago
- Mimic is a eBPF virtual machine and emulator which runs in userspace☆29May 28, 2022Updated 3 years ago
- A simple example of map_in_map usage in libbpf☆10Mar 18, 2020Updated 5 years ago
- Source-code based coverage for eBPF programs actually running in the Linux kernel☆137Feb 6, 2025Updated last year
- Subgraph Citadel image builder☆17Apr 2, 2019Updated 6 years ago
- BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.☆59Jun 30, 2022Updated 3 years ago
- SysFlow edge processing pipeline☆18Jan 15, 2025Updated last year
- Red Canary's eBPF Sensor☆113Jun 10, 2025Updated 8 months ago
- USENIX - Vault'19: BPF programming Tutorial "Performance Analysis in Linux Storage Stack with BPF"☆18Feb 26, 2019Updated 6 years ago
- ☆25Jun 2, 2024Updated last year
- BPF CI☆24Feb 10, 2026Updated last week
- POC for Phantom Attack☆89Aug 10, 2022Updated 3 years ago
- Automatic fuzz targets generation for Golang packages☆55Nov 12, 2025Updated 3 months ago
- ☆23Apr 28, 2024Updated last year
- An eBPF detection program for CVE-2022-0847☆29Jul 5, 2022Updated 3 years ago
- CEF plugin for audisp (Linux Audit)☆23Aug 19, 2016Updated 9 years ago
- ☆56Mar 17, 2025Updated 10 months ago
- ☆26Jun 22, 2022Updated 3 years ago
- Vault Exploit Defense☆127Sep 7, 2024Updated last year
- A tool based on eBPF, prometheus and grafana to monitor network connectivity.☆35Jun 22, 2022Updated 3 years ago
- Additional kernel tracing features merged with recent Linux kernel releases. DTrace makes use of these additional features.☆32Sep 4, 2024Updated last year
- eBPF Library for Go☆29Jan 8, 2026Updated last month
- A general cross-architecture C/C++ hotpatch solution using customized userspace eBPF runtime. One patch release can fix the same vulnera…☆29Nov 4, 2023Updated 2 years ago
- This tool set can generate SECCOMP profiles for Docker images. It mainly relies on static analysis, making its results more reliable than…☆70May 3, 2022Updated 3 years ago
- eBPF verifier based on abstract interpretation☆447Updated this week
- tool for building and running VMs for development and testing☆114Updated this week
- Container and system event tracing using eBPF☆35Feb 1, 2026Updated 2 weeks ago
- Linux kernel: eBPF support for user-defined TCP options☆30May 26, 2020Updated 5 years ago
- BTF introspection tool☆40Nov 26, 2025Updated 2 months ago
- IOModule manager and plugins☆37Feb 24, 2017Updated 8 years ago
- Semaphore kernel Samsung Galaxy I9000☆13Apr 17, 2012Updated 13 years ago
- A tracing tool to analyze the I/O behavior of a program.☆12Sep 25, 2019Updated 6 years ago
- Examples of using BPF ring buffer APIs☆137Oct 26, 2020Updated 5 years ago
- Example program using eBPF to log data being based in using shell pipes☆41Feb 15, 2021Updated 5 years ago
- An IDA processor for eBPF bytecode☆34May 17, 2017Updated 8 years ago