bpflock - eBPF driven security for locking and auditing Linux machines
☆151Feb 16, 2022Updated 4 years ago
Alternatives and similar repositories for bpflock
Users that are interested in bpflock are comparing it to the libraries listed below
Sorting:
- LSM BPF module to block pwnkit (CVE-2021-4034) like exploits☆21Feb 17, 2022Updated 4 years ago
- Source-code based coverage for eBPF programs actually running in the Linux kernel☆137Feb 6, 2025Updated last year
- Making containers more secure with eBPF and Linux Security Modules (LSM)☆232Jun 2, 2024Updated last year
- Fork from git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git (unstable and force pushed!)☆22Jun 15, 2023Updated 2 years ago
- ☆28Nov 24, 2021Updated 4 years ago
- Linux Kernel Runtime Integrity with eBPF☆184Nov 23, 2023Updated 2 years ago
- Trace deep kernel events through eBPF and lsm hooks☆42Feb 9, 2021Updated 5 years ago
- Dectect syscall hooking using eBPF☆169Apr 28, 2023Updated 2 years ago
- The BTFhub Archive repository provides BTF files for those published kernels that lack native support for embedded BTF, thereby enhancing…☆132Feb 20, 2026Updated last week
- BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.☆59Jun 30, 2022Updated 3 years ago
- 🐝 BPFBox 📦 Exploring process confinement in eBPF☆106Jan 11, 2024Updated 2 years ago
- BTFhub, in collaboration with the BTFhub Archive repository, supplies BTF files for all published kernels that lack native support for em…☆470Feb 18, 2026Updated last week
- UTrace is a tracing utility that leverages eBPF to trace both user space and kernel space functions☆50Jan 18, 2022Updated 4 years ago
- Red Canary's eBPF Sensor☆113Jun 10, 2025Updated 8 months ago
- eBPF-based Security Observability and Runtime Enforcement☆4,431Updated this week
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆683Jul 7, 2024Updated last year
- Disable SSL certificate verification for all binaries that use libssl☆48Jul 15, 2022Updated 3 years ago
- ebpfkit is a rootkit powered by eBPF☆837Feb 28, 2023Updated 3 years ago
- A Linux Host-based Intrusion Detection System based on eBPF.☆457Dec 20, 2023Updated 2 years ago
- ☆15Apr 28, 2023Updated 2 years ago
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF☆168Sep 7, 2024Updated last year
- A file system events notifier based on eBPF☆73Dec 5, 2025Updated 2 months ago
- ☆472Oct 27, 2025Updated 4 months ago
- Central IoC scanner based on Loki☆20Nov 12, 2021Updated 4 years ago
- The long shadow to emerge as other Git repositories☆18Jul 8, 2024Updated last year
- This project tracks offsets of fields inside of Go structs across versions for achieveing automatic instrumentation using eBPF☆31Feb 4, 2023Updated 3 years ago
- Vault Exploit Defense☆127Sep 7, 2024Updated last year
- Examples of using BPF ring buffer APIs☆137Oct 26, 2020Updated 5 years ago
- A Rust library for managing eBPF programs.☆123Feb 26, 2024Updated 2 years ago
- An exotic service bruteforce tool.☆13Apr 12, 2025Updated 10 months ago
- Elastic's eBPF☆73Jan 27, 2026Updated last month
- An eBPF playground☆210Dec 12, 2023Updated 2 years ago
- Linux Runtime Security and Forensics using eBPF☆4,388Feb 18, 2026Updated last week
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,942Apr 7, 2024Updated last year
- ☆15Jan 30, 2025Updated last year
- ☆12Jul 8, 2023Updated 2 years ago
- Command and Control Framework☆13Mar 23, 2024Updated last year
- Common code for hardening benchmarks☆10Jul 14, 2025Updated 7 months ago
- CO-RE code for the Netdata eBPF plugin.☆16Feb 6, 2026Updated 3 weeks ago