Alternatives and similar repositories for py-strace2pcap

Users that are interested in py-strace2pcap are comparing it to the libraries listed below

• quarkslab / peetch
  An eBPF playground
  ☆206Updated last year
• mechpen / sockdump
  Dump unix domain socket traffic with bpf
  ☆406Updated last year
• mosajjal / binary-tools
  Collection of Statically linked binaries for Linux. Suited for Forensics
  ☆178Updated 3 months ago
• abbat / elfexec
  Utility to execute ELF binary directly from stdin pipe.
  ☆67Updated 2 years ago
• ryanwoodsmall / static-binaries
  some static binaries for linux, maybe useful for bootstrapping, no big deal
  ☆111Updated 5 months ago
• hack3ric / mimic
  eBPF UDP -> TCP obfuscator
  ☆228Updated last week
• martinpitt / fatrace
  report system wide file access events
  ☆244Updated 2 weeks ago
• schlafwandler / kcore_dump
  A simple tool to create a physical memory dump from userland
  ☆16Updated 4 years ago
• p- / socket-connect-bpf
  Get live information about applications that make network requests (based on eBPF)
  ☆53Updated 3 weeks ago
• ColinIanKing / forkstat
  Forkstat is a program that logs process fork(), exec() and exit() activity. It is useful for monitoring system behaviour and to track dow…
  ☆109Updated 5 months ago
• redcanaryco / ebpfmon
  ☆89Updated last year
• resilar / psyscall
  Linux syscall() injection
  ☆38Updated 4 years ago
• Gui774ume / ebpfkit-monitor
  ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
  ☆137Updated 2 years ago
• jwilk / ttyjack
  proof-of-concept tty hijacking via TIOCSTI or TIOCLINUX
  ☆35Updated 5 months ago
• mebeim / linux-syscalls
  🌐🐧 Browsable Linux kernel syscall tables built with Systrack (https://github.com/mebeim/systrack)
  ☆200Updated this week
• armosec / curing
  io_uring based rootkit
  ☆236Updated 5 months ago
• v-byte-cpu / wirez
  redirect all TCP/UDP traffic of any program to SOCKS5 proxy
  ☆158Updated last year
• linux-lock / bpflock
  bpflock - eBPF driven security for locking and auditing Linux machines
  ☆150Updated 3 years ago
• ph1048 / ebpfdbg
  eBPF verifier log viewer
  ☆24Updated last year
• elfmaster / kdress
  Transform vmlinuz into a fully debuggable vmlinux that can be used with /proc/kcore
  ☆131Updated last year
• vimpostor / copycat
  A library for intercepting system calls
  ☆102Updated 9 months ago
• nyrahul / linux-kernel-configs
  Linux kernel configs for popular distros.
  ☆55Updated last month
• landhb / DrawBridge
  Layer 4 Single Packet Authentication Linux kernel module utilizing Netfilter hooks and kernel supported Berkeley Packet Filters (BPF)
  ☆115Updated last year
• lkrg-org / lkrg
  Linux Kernel Runtime Guard
  ☆529Updated last week
• emptymonkey / ptrace_do
  A ptrace library for easy syscall injection in Linux.
  ☆183Updated last year
• pathtofile / bad-bpf
  A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29
  ☆661Updated last year
• milabs / drop-tcp-sock
  This module allows one to kill TCP sockets (including TIME-WAIT state).
  ☆77Updated 4 years ago
• hardenedvault / ved-ebpf
  VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF
  ☆167Updated last year
• andrewstucki / bpf-lsm
  Example BPF program with LSM hooks
  ☆33Updated 4 years ago
• hardenedvault / ved
  Vault Exploit Defense
  ☆128Updated last year