tarsal-oss / kflowdLinks
Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG Application Messages via eBPF Subsystem
☆68Updated 5 months ago
Alternatives and similar repositories for kflowd
Users that are interested in kflowd are comparing it to the libraries listed below
Sorting:
- An EBPF based IPv4/IPv6 firewall with integrations for OpenZiti Zero-Trust Framework edge-routers and tunnellers☆70Updated 2 months ago
- ☆89Updated last year
- Simple root privilege escalation detection using eBPF 🐝☆22Updated last week
- TC, XDP, KProbe and CGroup eBPF based simple Ethernet interface traffic monitor and reporting tool☆122Updated 2 weeks ago
- monitor and protect SSH sessions with eBPF☆70Updated 4 years ago
- 🐝 Ransomware Detection using Machine Learning with eBPF for Linux.☆69Updated 10 months ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆150Updated 3 years ago
- Elastic's eBPF☆69Updated last week
- Red Canary's eBPF Sensor☆109Updated 3 months ago
- Measure UDP and TCP connection latency for IPv4 and IPv6 using eBPF and Go☆75Updated 3 weeks ago
- A toy containers aware firewall built in Rust☆23Updated 2 years ago
- Deep Linux runtime visibility meets Wireshark☆293Updated 2 months ago
- Falco rule repository☆136Updated this week
- ☆84Updated 3 months ago
- Use eBPF to inject chaos into local processes☆65Updated last year
- Kit for building Falco drivers: kernel modules or eBPF probes☆67Updated last week
- 🔍 Seccomp profiling and function-level tracing tool.☆164Updated 4 months ago
- Real-time eBPF-powered network security monitor with AI-driven threat detection. Surfaces port scans, DDoS attacks, botnet activity, and …☆49Updated 3 weeks ago
- Publications from the eBPF foundation☆28Updated last month
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities☆102Updated 11 months ago
- A convenience tool to generate and store certificates for Hubble Relay mTLS☆27Updated this week
- proof-of-concept example of using eBPF to Monitor for eBPF Map tampering☆22Updated 4 years ago
- eBPF Programs☆63Updated 3 months ago
- eBPF-Direct is a high-performance serverless execution layer that runs functions directly inside the Linux kernel using eBPF☆29Updated 6 months ago
- Process behaviour anomaly detection using eBPF and unsupervised-learning Autoencoders☆133Updated 3 years ago
- Intent driven security automation framework☆26Updated last month
- Demo repository for running eBPF in GitHub Actions☆22Updated 6 months ago
- A Rust library for managing eBPF programs.☆122Updated last year
- Generate a variety of suspect actions that are detected by Falco rulesets☆108Updated 4 months ago
- ☆22Updated 3 months ago