falcosecurity / kernel-crawler

Related projects: ⓘ

• falcosecurity / driverkit
  Kit for building Falco drivers: kernel modules or eBPF probes
  ☆64Updated last week
• maxgio92 / krawler
  A crawler for kernel releases distributed by the major Linux distributions.
  ☆12Updated last month
• falcosecurity / k8s-metacollector
  Fetches the metadata from kubernetes API server and dispatches them to Falco instances
  ☆14Updated 3 months ago
• falcosecurity / kernel-testing
  Ansible playbooks to provision firecracker VMs and run Falco kernel tests
  ☆10Updated 4 months ago
• falcosecurity / testing
  All-purpose test suite for Falco and its ecosystem
  ☆12Updated 2 weeks ago
• falcosecurity / plugin-sdk-go
  Falco plugins SDK for Go
  ☆24Updated 2 months ago
• evdenis / lsm_bpf_check_argc0
  LSM BPF module to block pwnkit (CVE-2021-4034) like exploits
  ☆20Updated 2 years ago
• miekg / ebpf
  ebpf compiler in Go; Write Go, get ebpf
  ☆27Updated 3 weeks ago
• rafaeldtinoco / drafts
  ☆46Updated this week
• elastic / bpfcov
  Source-code based coverage for eBPF programs actually running in the Linux kernel
  ☆129Updated 2 years ago
• nyrahul / ebpf-guide
  Ebpf faqs, samples, tooling
  ☆43Updated 3 years ago
• cpuguy83 / gonso
  Library to work with linux namespaces in go
  ☆32Updated 8 months ago
• cilium / coverbee
  Code coverage tooling for eBPF
  ☆35Updated last month
• thediveo / lxkns
  Discover Linux kernel namespaces in Go. Almost everywhere. Aware of various OCI container engines, even engines in containers.
  ☆40Updated 2 months ago
• leodido / traffico
  Shape your traffic the BPF way
  ☆77Updated last year
• Gui774ume / fsprobe
  A file system events notifier based on eBPF
  ☆54Updated last year
• pmorjan / kmod
  Go implementation for loading / unloading Linux kernel modules
  ☆49Updated 7 months ago
• lumontec / lsmtrace
  Trace deep kernel events through eBPF and lsm hooks
  ☆32Updated 3 years ago
• kinvolk / bpf-exercises
  ☆25Updated 6 years ago
• aquasecurity / btfhub-archive
  The BTFhub Archive repository provides BTF files for those published kernels that lack native support for embedded BTF, thereby enhancing…
  ☆94Updated this week
• falcosecurity / falcoctl
  Administrative tooling for Falco
  ☆88Updated this week
• linux-lock / bpflock
  bpflock - eBPF driven security for locking and auditing Linux machines
  ☆136Updated 2 years ago
• Gui774ume / ssh-probe
  monitor and protect SSH sessions with eBPF
  ☆65Updated 3 years ago
• project-machine / oci-viewer
  OCI viewer
  ☆15Updated 3 months ago
• falcosecurity / evolution
  Evolution process of The Falco Project
  ☆48Updated this week
• chen-keinan / kube-knark
  Open Source runtime tool which help to detect malware code execution and run time mis-configuration change on a kubernetes cluster
  ☆34Updated 2 years ago
• andrewkroh / go-ebpf
  eBPF programs without a libbcc dependency
  ☆59Updated last year
• florianl / tc-skeleton
  Simple project to demonstrate the loading of eBPF programs via florianl/go-tc.
  ☆33Updated 5 months ago
• willfindlay / bpfbox
  🐝 BPFBox 📦 Exploring process confinement in eBPF
  ☆98Updated 8 months ago
• willfindlay / suidsnoop
  suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.
  ☆14Updated 2 years ago