redcanaryco/redcanary-ebpf-sensor external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

redcanaryco/redcanary-ebpf-sensor

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/redcanaryco/redcanary-ebpf-sensor)

Close

redcanaryco / redcanary-ebpf-sensorView on GitHubMore

• External links
• Readme badge

Red Canary's eBPF Sensor

☆113Mar 24, 2026Updated 2 weeks ago

Alternatives and similar repositories for redcanary-ebpf-sensor

Users that are interested in redcanary-ebpf-sensor are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• redcanaryco / oxidebpf

  View on GitHub
  A Rust library for managing eBPF programs.
  ☆122Feb 26, 2024Updated 2 years ago
• redcanaryco / ebpfmon

  View on GitHub
  ☆92Dec 5, 2025Updated 4 months ago
• vmware-archive / cbsensor-linux-bpf

  View on GitHub
  Linux endpoint events for BPF enabled systems
  ☆24Dec 9, 2022Updated 3 years ago
• netdata / ebpf-co-re

  View on GitHub
  CO-RE code for the Netdata eBPF plugin.
  ☆16Mar 20, 2026Updated 2 weeks ago
• pathtofile / bpf-hookdetect

  View on GitHub
  Dectect syscall hooking using eBPF
  ☆169Apr 28, 2023Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• linux-lock / bpflock

  View on GitHub
  bpflock - eBPF driven security for locking and auditing Linux machines
  ☆151Feb 16, 2022Updated 4 years ago
• andrewstucki / bpf-lsm

  View on GitHub
  Example BPF program with LSM hooks
  ☆36Feb 24, 2021Updated 5 years ago
• pathtofile / bad-bpf

  View on GitHub
  A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29
  ☆684Jul 7, 2024Updated last year
• Gui774ume / ebpfkit-monitor

  View on GitHub
  ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
  ☆140Feb 28, 2023Updated 3 years ago
• gojue / ehids-agent

  View on GitHub
  A Linux Host-based Intrusion Detection System based on eBPF.
  ☆457Dec 20, 2023Updated 2 years ago
• douglasmakey / ebpf-learning

  View on GitHub
  ☆14Nov 10, 2023Updated 2 years ago
• redcanaryco / exploit-primitive-playground

  View on GitHub
  ☆65Jul 3, 2024Updated last year
• Gui774ume / ssh-probe

  View on GitHub
  monitor and protect SSH sessions with eBPF
  ☆73Jul 2, 2021Updated 4 years ago
• sourque / louis

  View on GitHub
  Linux EDR written in Golang and based on eBPF.
  ☆246May 24, 2022Updated 3 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• redcanaryco / AtomicTestHarnesses

  View on GitHub
  Public Repo for Atomic Test Harness
  ☆285Apr 8, 2025Updated last year
• DataDog / ebpf-training

  View on GitHub
  ☆110Apr 1, 2026Updated last week
• mitre-attack / joystick

  View on GitHub
  Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…
  ☆64Sep 13, 2023Updated 2 years ago
• 444xxk / shotovuln

  View on GitHub
  An offensive bash script which tries to find GENERIC privesc vulnerabilities and issues.
  ☆13Oct 17, 2017Updated 8 years ago
• DataDog / ebpf

  View on GitHub
  eBPF Library for Go
  ☆29Jan 8, 2026Updated 3 months ago
• anelshaer / Remote-Linux-Triage-Collection-using-OSquery

  View on GitHub
  Remotely collect linux live forensics artifacts.
  ☆14Jul 8, 2022Updated 3 years ago
• libbpf / libbpf

  View on GitHub
  Automated upstream mirror for libbpf stand-alone build.
  ☆2,668Mar 16, 2026Updated 3 weeks ago
• cilium / tetragon

  View on GitHub
  eBPF-based Security Observability and Runtime Enforcement
  ☆4,537Updated this week
• lumontec / lsmtrace

  View on GitHub
  Trace deep kernel events through eBPF and lsm hooks
  ☆42Feb 9, 2021Updated 5 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• chriskaliX / Hades

  View on GitHub
  Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)
  ☆305Nov 30, 2024Updated last year
• trailofbits / linuxevents

  View on GitHub
  A sample PoC for container-aware exec events for osquery
  ☆26Feb 15, 2024Updated 2 years ago
• brosck / Rebellion

  View on GitHub
  「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x
  ☆26Apr 10, 2025Updated 11 months ago
• PKU-ASAL / NoDrop

  View on GitHub
  ☆18Updated this week
• h3xduck / TripleCross

  View on GitHub
  A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
  ☆1,953Apr 7, 2024Updated 2 years ago
• falcosecurity / libs

  View on GitHub
  libsinsp, libscap, the kernel module driver, and the eBPF driver sources
  ☆304Apr 3, 2026Updated last week
• pixie-io / pixie-demos

  View on GitHub
  Demos for Pixie: github.com/pixie-io/pixie
  ☆219Jun 13, 2023Updated 2 years ago
• CZashi / win-reverse

  View on GitHub
  ntos shit
  ☆29Feb 15, 2024Updated 2 years ago
• MISP / misp-stix

  View on GitHub
  MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats
  ☆56Mar 30, 2026Updated last week
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• Brandon7CC / mac-monitor

  View on GitHub
  "The missing ProcMon for macOS": Mac Monitor records Endpoint Security events and displays them for analysis.
  ☆1,287Updated this week
• elastic / ebpf

  View on GitHub
  Elastic's eBPF
  ☆74Mar 12, 2026Updated 3 weeks ago
• gtank / sshsign

  View on GitHub
  signs things with ssh-ed25519 keys
  ☆13Jan 4, 2019Updated 7 years ago
• gojue / rootkit-sample

  View on GitHub
  ☆49Mar 19, 2022Updated 4 years ago
• secureworks / atomic-harness

  View on GitHub
  A tool to run and validate telemetry for Atomic Red Team tests
  ☆16Mar 21, 2024Updated 2 years ago
• doyensec / VSCode_PoC_Oct2019

  View on GitHub
  Proof of Concept for a VSCode Python Extension Code Execution Vulnerability
  ☆16Mar 17, 2020Updated 6 years ago
• activeshadow / go-atomicredteam

  View on GitHub
  go-atomicredteam is a Golang application to execute tests as defined in the atomics folder of Red Canary's Atomic Red Team project (https…
  ☆49Mar 7, 2023Updated 3 years ago