Linux Runtime Security and Forensics using eBPF
☆4,427Mar 16, 2026Updated this week
Alternatives and similar repositories for tracee
Users that are interested in tracee are comparing it to the libraries listed below
Sorting:
- eBPF-based Security Observability and Runtime Enforcement☆4,476Mar 14, 2026Updated last week
- Cloud Native Runtime Security☆8,743Updated this week
- eBPF library for Go. Powered by libbpf.☆839Jan 23, 2026Updated last month
- ebpf-go is a pure-Go library to read, modify and load eBPF programs and attach them to various hooks in the Linux kernel.☆7,587Mar 11, 2026Updated last week
- eBPF-based Networking, Security, and Observability☆23,983Updated this week
- Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark☆7,982Updated this week
- High-level tracing language for Linux☆9,992Updated this week
- A curated list of awesome projects related to eBPF.☆4,954Mar 11, 2026Updated last week
- Automated upstream mirror for libbpf stand-alone build.☆2,656Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆33,205Updated this week
- Schedule bpftrace programs on your kubernetes cluster using the kubectl☆2,164Dec 8, 2025Updated 3 months ago
- Hunt for security weaknesses in Kubernetes clusters☆5,020Mar 19, 2024Updated 2 years ago
- Hubble - Network, Service & Security Observability for Kubernetes using eBPF☆4,108Updated this week
- Prometheus exporter for custom eBPF metrics☆2,532Updated this week
- Go bindings for creating BPF programs.☆2,189Aug 31, 2023Updated 2 years ago
- Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using e…☆2,753Updated this week
- Superseded by https://github.com/aquasecurity/trivy-operator☆1,372Feb 3, 2026Updated last month
- BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more☆22,286Mar 4, 2026Updated 2 weeks ago
- Instant Kubernetes-Native Application Observability☆6,382Updated this week
- BTFhub, in collaboration with the BTFhub Archive repository, supplies BTF files for all published kernels that lack native support for em…☆471Mar 11, 2026Updated last week
- Get eBPF programs running from the cloud to the kernel in 1 line of bash☆1,296Apr 17, 2025Updated 11 months ago
- Packet, where are you? -- eBPF-based Linux kernel networking debugger☆3,699Updated this week
- A Linux Host-based Intrusion Detection System based on eBPF.☆458Dec 20, 2023Updated 2 years ago
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆684Jul 7, 2024Updated last year
- Library to work with eBPF programs from Go☆1,168Mar 19, 2024Updated 2 years ago
- ebpfkit is a rootkit powered by eBPF☆839Feb 28, 2023Updated 3 years ago
- Scaffolding for BPF application development with libbpf and BPF CO-RE☆1,448Feb 27, 2026Updated 3 weeks ago
- 🐊 Policy Controller for Kubernetes☆4,168Updated this week
- Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (…☆2,062Mar 13, 2026Updated last week
- Tfsec is now part of Trivy☆6,965Nov 10, 2025Updated 4 months ago
- Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security…☆11,240Mar 3, 2026Updated 2 weeks ago
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,949Apr 7, 2024Updated last year
- Vulnerability Static Analysis for Containers☆10,945Updated this week
- A vulnerability scanner for container images and filesystems☆11,733Mar 13, 2026Updated last week
- Code signing and transparency for containers and binaries☆5,734Updated this week
- Continuous profiling for analysis of CPU and memory usage, down to the line number and throughout time. Saving infrastructure cost, impro…☆4,818Updated this week
- Security risk analysis for Kubernetes resources☆1,446Feb 16, 2026Updated last month
- bpftop provides a dynamic real-time view of running eBPF programs. It displays the average runtime, events per second, and estimated tota…☆2,627Updated this week
- Application Kernel for Containers☆17,901Updated this week