gojue / ehids-agent
A Linux Host-based Intrusion Detection System based on eBPF.
☆401Updated 8 months ago
Related projects: ⓘ
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)☆277Updated last month
- A golang ebpf libary based on cilium/ebpf and datadog/ebpf.☆303Updated last month
- vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that…☆268Updated 3 weeks ago
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆530Updated 2 months ago
- ebpfkit is a rootkit powered by eBPF☆746Updated last year
- Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the comm…☆88Updated last year
- By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.☆588Updated 3 years ago
- ☆242Updated 3 weeks ago
- Learn something interesting by examples.☆43Updated 2 weeks ago
- Collection of Linux eBPF slides/documents.☆857Updated 10 months ago
- Examples for libbpf, aquasecurity/libbpfgo and cilium/ebpf☆115Updated this week
- Inject ELF into remote process☆111Updated 11 months ago
- QNSM is network security monitoring framework based on DPDK.☆515Updated 2 years ago
- BTFhub, in collaboration with the BTFhub Archive repository, supplies BTF files for all published kernels that lack native support for em…☆379Updated 2 months ago
- learn how to use BPF/eBPF☆484Updated 2 years ago
- Linux EDR written in Golang and based on eBPF.☆229Updated 2 years ago
- Build, Distribute and Run CO-RE eBPF programs easier with JSON and Webassembly OCI images☆639Updated 2 weeks ago
- The BTFhub Archive repository provides BTF files for those published kernels that lack native support for embedded BTF, thereby enhancing…☆94Updated this week
- libsinsp, libscap, the kernel module driver, and the eBPF driver sources☆224Updated this week
- 与 eBPF 相关的精选项目的中文清单☆72Updated last year
- 极客时间专栏《eBPF 核心技术与实战》案例☆313Updated 3 weeks ago
- Process-aware, eBPF-based tcpdump☆435Updated this week
- ☆45Updated 2 years ago
- Suricata安装部署&丢包优化&性能调优&规则调整&Pfring设置☆137Updated 4 years ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆120Updated last year
- ☆23Updated 9 months ago
- some experiments with ebpf☆14Updated 3 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆136Updated 2 years ago
- Generate eBPF programs and tracing with ChatGPT☆210Updated last month
- SQL / SQLI tokenizer parser analyzer☆152Updated 3 months ago