bpflock - eBPF driven security for locking and auditing Linux machines
☆151Feb 16, 2022Updated 4 years ago
Alternatives and similar repositories for bpflock
Users that are interested in bpflock are comparing it to the libraries listed below
Sorting:
- LSM BPF module to block pwnkit (CVE-2021-4034) like exploits☆21Feb 17, 2022Updated 4 years ago
- Source-code based coverage for eBPF programs actually running in the Linux kernel☆137Feb 6, 2025Updated last year
- ☆28Nov 24, 2021Updated 4 years ago
- Example BPF program with LSM hooks☆36Feb 24, 2021Updated 5 years ago
- Making containers more secure with eBPF and Linux Security Modules (LSM)☆232Jun 2, 2024Updated last year
- Fork from git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git (unstable and force pushed!)☆22Jun 15, 2023Updated 2 years ago
- bouheki is KRSI(eBPF+LSM) based Linux security auditing tool.☆92Sep 21, 2025Updated 6 months ago
- Linux Kernel Runtime Integrity with eBPF☆184Nov 23, 2023Updated 2 years ago
- The BTFhub Archive repository provides BTF files for those published kernels that lack native support for embedded BTF, thereby enhancing…☆133Mar 6, 2026Updated 2 weeks ago
- eBPF verifier based on abstract interpretation☆456Updated this week
- Trace deep kernel events through eBPF and lsm hooks☆42Feb 9, 2021Updated 5 years ago
- BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.☆59Jun 30, 2022Updated 3 years ago
- 🐝 BPFBox 📦 Exploring process confinement in eBPF☆106Jan 11, 2024Updated 2 years ago
- BTFhub, in collaboration with the BTFhub Archive repository, supplies BTF files for all published kernels that lack native support for em…☆471Mar 11, 2026Updated last week
- Disable SSL certificate verification for all binaries that use libssl☆48Jul 15, 2022Updated 3 years ago
- UTrace is a tracing utility that leverages eBPF to trace both user space and kernel space functions☆50Jan 18, 2022Updated 4 years ago
- A Linux Host-based Intrusion Detection System based on eBPF.☆458Dec 20, 2023Updated 2 years ago
- ☆15Jan 30, 2025Updated last year
- A file system events notifier based on eBPF☆74Dec 5, 2025Updated 3 months ago
- Dectect syscall hooking using eBPF☆169Apr 28, 2023Updated 2 years ago
- eBPF-based Security Observability and Runtime Enforcement☆4,476Mar 14, 2026Updated last week
- ☆15Apr 28, 2023Updated 2 years ago
- Another vulnerability scanner☆18Aug 9, 2025Updated 7 months ago
- Red Canary's eBPF Sensor☆113Updated this week
- ebpfkit is a rootkit powered by eBPF☆839Feb 28, 2023Updated 3 years ago
- Vault Exploit Defense☆127Sep 7, 2024Updated last year
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆684Jul 7, 2024Updated last year
- This project tracks offsets of fields inside of Go structs across versions for achieveing automatic instrumentation using eBPF☆32Feb 4, 2023Updated 3 years ago
- ☆472Oct 27, 2025Updated 4 months ago
- Elastic's eBPF☆73Mar 12, 2026Updated last week
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF☆170Sep 7, 2024Updated last year
- CO-RE code for the Netdata eBPF plugin.☆16Mar 2, 2026Updated 2 weeks ago
- Source code of AsiaCCS'22 paper - RecIPE: Revisiting the Evaluation of Memory Error Defenses☆13Sep 19, 2023Updated 2 years ago
- monitor and protect SSH sessions with eBPF☆73Jul 2, 2021Updated 4 years ago
- Various eBPF programs for tracing network connections☆32Oct 26, 2021Updated 4 years ago
- Common code for hardening benchmarks☆10Jul 14, 2025Updated 8 months ago
- Example program using eBPF to log data being based in using shell pipes☆41Feb 15, 2021Updated 5 years ago
- Jibril: A performant and low impact Linux runtime security tool agent.☆15May 25, 2025Updated 9 months ago
- ☆12Jul 8, 2023Updated 2 years ago