Making containers more secure with eBPF and Linux Security Modules (LSM)
☆232Jun 2, 2024Updated last year
Alternatives and similar repositories for lockc
Users that are interested in lockc are comparing it to the libraries listed below
Sorting:
- bpflock - eBPF driven security for locking and auditing Linux machines☆151Feb 16, 2022Updated 4 years ago
- agent for handling seccomp descriptors for container runtimes☆47Feb 1, 2024Updated 2 years ago
- A logging library for eBPF programs.☆25Jul 28, 2022Updated 3 years ago
- BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.☆59Jun 30, 2022Updated 3 years ago
- Source-code based coverage for eBPF programs actually running in the Linux kernel☆137Feb 6, 2025Updated last year
- Layer 4 Kubernetes load-balancer☆462Sep 5, 2025Updated 6 months ago
- suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.☆16Oct 31, 2021Updated 4 years ago
- Example BPF program with LSM hooks☆36Feb 24, 2021Updated 5 years ago
- LSM BPF module to block pwnkit (CVE-2021-4034) like exploits☆21Feb 17, 2022Updated 4 years ago
- Aya is an eBPF library for the Rust programming language, built with a focus on developer experience and operability.☆4,376Updated this week
- A Rust library for managing eBPF programs.☆122Feb 26, 2024Updated 2 years ago
- Simple BPF static linker☆275Mar 13, 2026Updated last week
- A modular and blazing fast runtime security tool for the IoT, powered by eBPF.☆1,007Dec 9, 2025Updated 3 months ago
- Linux Kernel Runtime Integrity with eBPF☆184Nov 23, 2023Updated 2 years ago
- Minimal and opinionated eBPF tooling for the Rust ecosystem☆962Mar 13, 2026Updated last week
- An eBPF Manager for Linux and Kubernetes☆725Updated this week
- eBPF-based Security Observability and Runtime Enforcement☆4,476Mar 14, 2026Updated last week
- Get eBPF programs running from the cloud to the kernel in 1 line of bash☆1,296Apr 17, 2025Updated 11 months ago
- A cargo-generate template for Rust eBPF Projects using Aya☆133Feb 1, 2026Updated last month
- Operator to manage Cilium's etcd cluster☆26Sep 18, 2019Updated 6 years ago
- bouheki is KRSI(eBPF+LSM) based Linux security auditing tool.☆92Sep 21, 2025Updated 6 months ago
- The Aya Book is an introductory book about using the Rust Programming Language and Aya library to build extended Berkley Packet Filter (e…☆126Mar 11, 2026Updated last week
- eBPF verifier based on abstract interpretation☆456Updated this week
- ☆115Apr 13, 2023Updated 2 years ago
- Various eBPF programs for tracing network connections☆32Oct 26, 2021Updated 4 years ago
- Linux Runtime Security and Forensics using eBPF☆4,427Updated this week
- Rust library for building and running BPF/eBPF modules☆1,722Jun 30, 2023Updated 2 years ago
- DSL language to write seccomp filters☆37Apr 5, 2024Updated last year
- Manager for single node Rancher clusters☆51Dec 13, 2021Updated 4 years ago
- libsinsp, libscap, the kernel module driver, and the eBPF driver sources☆302Updated this week
- A curated list of awesome eBPF 🐝 projects using aya-rs and Rust 🦀☆174Jun 17, 2025Updated 9 months ago
- ☆17Oct 9, 2023Updated 2 years ago
- ☆28Nov 24, 2021Updated 4 years ago
- Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (…☆2,062Mar 13, 2026Updated last week
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆684Jul 7, 2024Updated last year
- eBPF based always-on CPU/GPU profiler auto-discovering targets in Kubernetes and systemd, zero code changes or restarts needed!☆711Updated this week
- RKE2 selinux + RPM packaging for selinux☆31Feb 25, 2026Updated 3 weeks ago
- Rust library for writing Linux security policies using eBPF☆314Jan 22, 2024Updated 2 years ago
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆119Feb 13, 2026Updated last month