Trace deep kernel events through eBPF and lsm hooks
☆42Feb 9, 2021Updated 5 years ago
Alternatives and similar repositories for lsmtrace
Users that are interested in lsmtrace are comparing it to the libraries listed below.
- ☆18Nov 17, 2020Updated 5 years ago
- ☆10Apr 8, 2022Updated 3 years ago
- A collection of kernels used for CI builds☆17Feb 17, 2026Updated last month
- Example BPF program with LSM hooks☆36Feb 24, 2021Updated 5 years ago
- Linux Kernel Runtime Integrity with eBPF☆184Nov 23, 2023Updated 2 years ago
- Detect syscall hooking using eBPF☆169Apr 28, 2023Updated 2 years ago
- Rootkit breaker - experimental Linux anti-rootkit tool based on kprobes☆12Sep 30, 2020Updated 5 years ago
- Rootkit spotter - experimental Linux rootkit finder LKM☆30Oct 11, 2020Updated 5 years ago
- ☆67Dec 3, 2020Updated 5 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆151Feb 16, 2022Updated 4 years ago
- Working examples of KRSI (via BCC scripts).☆15Dec 21, 2020Updated 5 years ago
- CO-RE code for the Netdata eBPF plugin.☆16Updated this week
- Out-of-band memory monitoring for virtual machines☆14Mar 30, 2018Updated 7 years ago
- Learn something interesting by examples.☆80Nov 21, 2025Updated 4 months ago
- UTrace is a tracing utility that leverages eBPF to trace both user space and kernel space functions☆50Jan 18, 2022Updated 4 years ago
- Vault Exploit Defense☆127Sep 7, 2024Updated last year
- 🔬 eBPF / libbpf bindings for Node.js☆35Mar 12, 2022Updated 4 years ago
- A file system events notifier based on eBPF☆74Dec 5, 2025Updated 3 months ago
- Userspace eBPF Runtime Benchmarking Test Suite and Results☆16Updated this week
- The BTFhub Archive repository provides BTF files for those published kernels that lack native support for embedded BTF, thereby enhancing…☆133Mar 6, 2026Updated 2 weeks ago
- Fork from git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git (unstable and force pushed!)☆22Jun 15, 2023Updated 2 years ago
- This project tracks offsets of fields inside of Go structs across versions for achieving automatic instrumentation using eBPF☆32Feb 4, 2023Updated 3 years ago
- L3AFD eBPF Programs control plane☆208Updated this week
- Various utilities useful for developers writing BPF tools☆31Apr 12, 2023Updated 2 years ago
- Source code of a few LLVM passes that I wrote to learn and that now I am sharing for my LLVM course for security engineering☆28Sep 16, 2022Updated 3 years ago
- BTF introspection tool☆40Nov 26, 2025Updated 3 months ago
- Linux Kernel eBPF Collectors☆67Feb 5, 2026Updated last month
- Adaptive Callsite-sensitive Control Flow Integrity - EuroS&P'19☆22Dec 12, 2022Updated 3 years ago
- BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.☆59Jun 30, 2022Updated 3 years ago
- ☆33Dec 24, 2025Updated 3 months ago
- Use Windows Management Instrumentation interfaces to perform actions on a Windows system from a Linux System☆16Mar 15, 2012Updated 14 years ago
- RPM DB bindings for go☆70May 19, 2025Updated 10 months ago
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)☆305Nov 30, 2024Updated last year
- Systems and Software Security☆16Nov 13, 2025Updated 4 months ago
- Source-code based coverage for eBPF programs actually running in the Linux kernel☆137Feb 6, 2025Updated last year
- 🐝 Ransomware Detection using Machine Learning with eBPF for Linux.☆76Nov 27, 2024Updated last year
- Disable SSL certificate verification for all binaries that use libssl☆48Jul 15, 2022Updated 3 years ago
- Elastic's eBPF☆74Mar 12, 2026Updated last week
- Debian10-Linux4.19 Hook sys_call_table By IDT☆11May 9, 2020Updated 5 years ago