redcanaryco/redcanary-ebpf-sensor external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

redcanaryco/redcanary-ebpf-sensor

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/redcanaryco/redcanary-ebpf-sensor)

Close

redcanaryco / redcanary-ebpf-sensorView on GitHubMore

• External links
• Readme badge

Red Canary's eBPF Sensor

☆114Apr 15, 2026Updated 2 weeks ago

Alternatives and similar repositories for redcanary-ebpf-sensor

Users that are interested in redcanary-ebpf-sensor are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• redcanaryco / oxidebpf

  View on GitHub
  A Rust library for managing eBPF programs.
  ☆122Feb 26, 2024Updated 2 years ago
• redcanaryco / ebpfmon

  View on GitHub
  ☆92Dec 5, 2025Updated 4 months ago
• netdata / ebpf-co-re

  View on GitHub
  CO-RE code for the Netdata eBPF plugin.
  ☆16Apr 19, 2026Updated last week
• pathtofile / bpf-hookdetect

  View on GitHub
  Dectect syscall hooking using eBPF
  ☆170Apr 28, 2023Updated 3 years ago
• linux-lock / bpflock

  View on GitHub
  bpflock - eBPF driven security for locking and auditing Linux machines
  ☆152Feb 16, 2022Updated 4 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• andrewstucki / bpf-lsm

  View on GitHub
  Example BPF program with LSM hooks
  ☆36Feb 24, 2021Updated 5 years ago
• pathtofile / bad-bpf

  View on GitHub
  A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29
  ☆685Jul 7, 2024Updated last year
• Gui774ume / ebpfkit-monitor

  View on GitHub
  ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
  ☆141Feb 28, 2023Updated 3 years ago
• redcanaryco / exploit-primitive-playground

  View on GitHub
  ☆65Jul 3, 2024Updated last year
• Gui774ume / ssh-probe

  View on GitHub
  monitor and protect SSH sessions with eBPF
  ☆74Jul 2, 2021Updated 4 years ago
• redcanaryco / vscode-attack

  View on GitHub
  Visual Studio Code extension for MITRE ATT&CK
  ☆56Jul 3, 2024Updated last year
• sourque / louis

  View on GitHub
  Linux EDR written in Golang and based on eBPF.
  ☆247May 24, 2022Updated 3 years ago
• redcanaryco / AtomicTestHarnesses

  View on GitHub
  Public Repo for Atomic Test Harness
  ☆285Apr 8, 2025Updated last year
• sealuzh / msr18-docker-dataset

  View on GitHub
  Structured Information on State and Evolution of Dockerfiles - Online Appendix
  ☆10Mar 16, 2018Updated 8 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• DataDog / ebpf-training

  View on GitHub
  ☆112Apr 23, 2026Updated last week
• mitre-attack / joystick

  View on GitHub
  Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…
  ☆64Sep 13, 2023Updated 2 years ago
• SewellDinG / ReverseShellCheatsheet

  View on GitHub
  🔨Reverse Shell 备忘录
  ☆16Apr 2, 2020Updated 6 years ago
• DataDog / ebpf-manager

  View on GitHub
  This manager helps handle the life cycle of your eBPF programs
  ☆161Apr 23, 2026Updated last week
• anelshaer / Remote-Linux-Triage-Collection-using-OSquery

  View on GitHub
  Remotely collect linux live forensics artifacts.
  ☆14Jul 8, 2022Updated 3 years ago
• libbpf / libbpf

  View on GitHub
  Automated upstream mirror for libbpf stand-alone build.
  ☆2,679Apr 9, 2026Updated 2 weeks ago
• lumontec / lsmtrace

  View on GitHub
  Trace deep kernel events through eBPF and lsm hooks
  ☆42Feb 9, 2021Updated 5 years ago
• cilium / tetragon

  View on GitHub
  eBPF-based Security Observability and Runtime Enforcement
  ☆4,602Updated this week
• chriskaliX / Hades

  View on GitHub
  Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)
  ☆305Nov 30, 2024Updated last year
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• trailofbits / linuxevents

  View on GitHub
  A sample PoC for container-aware exec events for osquery
  ☆27Feb 15, 2024Updated 2 years ago
• brosck / Rebellion

  View on GitHub
  「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x
  ☆26Apr 10, 2025Updated last year
• PKU-ASAL / NoDrop

  View on GitHub
  ☆18Apr 15, 2026Updated 2 weeks ago
• h3xduck / TripleCross

  View on GitHub
  A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
  ☆1,959Apr 7, 2024Updated 2 years ago
• falcosecurity / libs

  View on GitHub
  libsinsp, libscap, the kernel module driver, and the eBPF driver sources
  ☆305Updated this week
• pixie-io / pixie-demos

  View on GitHub
  Demos for Pixie: github.com/pixie-io/pixie
  ☆219Jun 13, 2023Updated 2 years ago
• lockc-project / lockc

  View on GitHub
  Making containers more secure with eBPF and Linux Security Modules (LSM)
  ☆234Jun 2, 2024Updated last year
• MISP / misp-stix

  View on GitHub
  MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats
  ☆58Apr 21, 2026Updated last week
• elastic / ebpf

  View on GitHub
  Elastic's eBPF
  ☆74Mar 12, 2026Updated last month
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• gtank / sshsign

  View on GitHub
  signs things with ssh-ed25519 keys
  ☆13Jan 4, 2019Updated 7 years ago
• gojue / rootkit-sample

  View on GitHub
  ☆48Mar 19, 2022Updated 4 years ago
• secureworks / atomic-harness

  View on GitHub
  A tool to run and validate telemetry for Atomic Red Team tests
  ☆16Mar 21, 2024Updated 2 years ago
• activeshadow / go-atomicredteam

  View on GitHub
  go-atomicredteam is a Golang application to execute tests as defined in the atomics folder of Red Canary's Atomic Red Team project (https…
  ☆49Mar 7, 2023Updated 3 years ago
• doyensec / VSCode_PoC_Oct2019

  View on GitHub
  Proof of Concept for a VSCode Python Extension Code Execution Vulnerability
  ☆16Mar 17, 2020Updated 6 years ago
• 2m4t / LiCShield

  View on GitHub
  ☆11Feb 22, 2016Updated 10 years ago
• libbpf / libbpf-bootstrap

  View on GitHub
  Scaffolding for BPF application development with libbpf and BPF CO-RE
  ☆1,470Apr 9, 2026Updated 2 weeks ago