evilsocket/ebpf-process-anomaly-detection external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

evilsocket/ebpf-process-anomaly-detection

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/evilsocket/ebpf-process-anomaly-detection)

Close

evilsocket / ebpf-process-anomaly-detectionView on GitHubMore

• External links
• Readme badge

Process behaviour anomaly detection using eBPF and unsupervised-learning Autoencoders

☆139Aug 15, 2022Updated 3 years ago

Alternatives and similar repositories for ebpf-process-anomaly-detection

Users that are interested in ebpf-process-anomaly-detection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• evilsocket / sauron

  View on GitHub
  A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.
  ☆229Aug 19, 2022Updated 3 years ago
• cilium / little-vm-helper-images

  View on GitHub
  ☆22Updated this week
• BishopFox / burpcage

  View on GitHub
  ☆10May 25, 2023Updated 2 years ago
• congwang / ebpf-2-phase-signing

  View on GitHub
  ☆15Jan 30, 2025Updated last year
• metan-ucw / runltp-ng

  View on GitHub
  Minimalistic LTP testrunner
  ☆11Jul 28, 2022Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• evilsocket / kitsune

  View on GitHub
  🧠 🔎 🤖 Kitsune is an artificial neural network designed to detect and correlate Twitter profiles with similar behaviours.
  ☆244Jun 6, 2022Updated 3 years ago
• dmcgowan / lcontainerd

  View on GitHub
  Lightweight local libraries for containerd
  ☆12Mar 19, 2026Updated last month
• Matrix86 / driplane

  View on GitHub
  Event-driven automation pipelines — monitor anything, react to everything.
  ☆88Updated this week
• Acceis / eBPF-hide-PID

  View on GitHub
  This tool have the power to hide any PID/directory in the Linux kernel
  ☆30Sep 13, 2024Updated last year
• alegrey91 / gypsylist

  View on GitHub
  A web scraper for nomadlist.com, made to avoid website restrictions.
  ☆11Dec 9, 2021Updated 4 years ago
• gam4er / SneakyRun

  View on GitHub
  Some stuff for PHD2021
  ☆14May 21, 2025Updated 10 months ago
• seclab-stonybrook / eaudit

  View on GitHub
  eAudit suite for recording provenance-related system calls on Linux
  ☆20Jan 16, 2026Updated 3 months ago
• asimihsan / permutation-iterator-rs

  View on GitHub
  A Rust library for iterating over random permutations.
  ☆14Jun 15, 2021Updated 4 years ago
• evilsocket / jscythe

  View on GitHub
  Abuse the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code.
  ☆334Sep 9, 2024Updated last year
• Deploy open-source AI quickly and easily - Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• maurapintor / unica_mlsec_labs

  View on GitHub
  ☆11Dec 17, 2024Updated last year
• willfindlay / bpfcontain-rs

  View on GitHub
  BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.
  ☆59Jun 30, 2022Updated 3 years ago
• dylandreimerink / mimic

  View on GitHub
  Mimic is a eBPF virtual machine and emulator which runs in userspace
  ☆29May 28, 2022Updated 3 years ago
• krisnova / double-slit-experiment

  View on GitHub
  Identify containers at runtime and observe them. No container runtime required. Read only access to the kernel.
  ☆16Jul 24, 2021Updated 4 years ago
• ShiftLeftSecurity / traceleft

  View on GitHub
  eBPF based syscalls, files and network events tracing framework
  ☆92Jul 24, 2020Updated 5 years ago
• epilys / vfsstat.rs

  View on GitHub
  Example sqlite3 Dynamic Loadable Extension in Rust - vfs and vtab modules - port of vfsstat.c
  ☆35Nov 26, 2024Updated last year
• containerscrew / rootisnaked

  View on GitHub
  Simple root privilege escalation detection using eBPF 🐝
  ☆35Feb 10, 2026Updated 2 months ago
• cisco-open / camblet-driver

  View on GitHub
  Linux Kernel module providing TLS, identity and running WASM
  ☆82Aug 12, 2024Updated last year
• Android-Observatory / DEXtripador

  View on GitHub
  A tool to extract the DEX file from ODEX compiled ahead of time version.
  ☆11Sep 28, 2021Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• thought-machine / falco-probes

  View on GitHub
  Automated build and mirror of eBPF kernel probes for use as a driver with the Falco runtime security agent (https://falco.org/)
  ☆15Nov 18, 2024Updated last year
• hardenedvault / ved-ebpf

  View on GitHub
  VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF
  ☆170Sep 7, 2024Updated last year
• suborbital / vektor

  View on GitHub
  Opinionated production-grade HTTP server framework for Go
  ☆83Feb 18, 2023Updated 3 years ago
• pouriyajamshidi / flat

  View on GitHub
  Measure UDP and TCP connection latency for IPv4 and IPv6 using eBPF and Go
  ☆76Apr 13, 2026Updated last week
• airbus-cert / dirtypipe-ebpf_detection

  View on GitHub
  An eBPF detection program for CVE-2022-0847
  ☆29Jul 5, 2022Updated 3 years ago
• iogbole / ebpf-network-viz

  View on GitHub
  Getting Started with eBPF
  ☆27Nov 4, 2023Updated 2 years ago
• solo-io / bumblebee

  View on GitHub
  Get eBPF programs running from the cloud to the kernel in 1 line of bash
  ☆1,300Apr 17, 2025Updated last year
• eeriedusk / knockles

  View on GitHub
  eBPF Port Knocking Tool
  ☆238Aug 23, 2023Updated 2 years ago
• dnfield / dart_calendar

  View on GitHub
  ☆16Jun 20, 2021Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• metal-stack / go-hal

  View on GitHub
  server hardware abstraction, tries to lower the burden of supporting different server vendors
  ☆15Apr 12, 2026Updated last week
• spiderpig1297 / kunkillable

  View on GitHub
  kunkillable is an LKM that makes userland processes unkillable.
  ☆17Sep 26, 2020Updated 5 years ago
• nickalie / go-binwrapper

  View on GitHub
  Binary wrapper that makes command line tools seamlessly available as local golang dependencies
  ☆22Feb 17, 2026Updated 2 months ago
• thatssweety / FM-RADIO-JAMMER

  View on GitHub
  The EMP Jammer is an innovative jamming device which jams the devices nearby by inducing an alternating voltage in it .
  ☆13Jan 3, 2023Updated 3 years ago
• alegrey91 / harpoon

  View on GitHub
  🔍 Function-level tracing tool for Seccomp profiling, with eBPF
  ☆176Feb 23, 2026Updated last month
• Fare9 / KUNAI-static-analyzer

  View on GitHub
  Tool aimed to provide a binary analysis of different file formats through the use of an Intermmediate Representation.
  ☆144Mar 31, 2024Updated 2 years ago
• mostynb / zstdpool-syncpool

  View on GitHub
  go sync.Pool wrapper for github.com/klauspost/compress/zstd which doesn't leak memory and goroutines.
  ☆12May 7, 2023Updated 2 years ago