tarsal-oss / kflowdLinks
Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG Application Messages via eBPF Subsystem
☆68Updated 6 months ago
Alternatives and similar repositories for kflowd
Users that are interested in kflowd are comparing it to the libraries listed below
Sorting:
- 🐝 Ransomware Detection using Machine Learning with eBPF for Linux.☆69Updated 11 months ago
- An EBPF based IPv4/IPv6 firewall with integrations for OpenZiti Zero-Trust Framework edge-routers and tunnellers☆72Updated 2 months ago
- monitor and protect SSH sessions with eBPF☆70Updated 4 years ago
- ☆89Updated last year
- TC, XDP, KProbe and CGroup eBPF based simple Ethernet interface traffic monitor and reporting tool☆125Updated last month
- Kit for building Falco drivers: kernel modules or eBPF probes☆67Updated this week
- Use eBPF to inject chaos into local processes☆65Updated last year
- Simple root privilege escalation detection using eBPF 🐝☆34Updated 3 weeks ago
- Measure UDP and TCP connection latency for IPv4 and IPv6 using eBPF and Go☆76Updated 2 weeks ago
- Red Canary's eBPF Sensor☆111Updated 4 months ago
- Publications from the eBPF foundation☆28Updated 2 months ago
- Real-time eBPF-powered network security monitor with AI-driven threat detection. Surfaces port scans, DDoS attacks, botnet activity, and …☆54Updated 2 weeks ago
- Intent driven security automation framework☆26Updated 2 months ago
- eBPF Programs☆64Updated 3 months ago
- proof-of-concept example of using eBPF to Monitor for eBPF Map tampering☆22Updated 4 years ago
- Elastic's eBPF☆69Updated last month
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities☆102Updated last year
- ☆84Updated this week
- Making containers more secure with eBPF and Linux Security Modules (LSM)☆230Updated last year
- A toy containers aware firewall built in Rust☆23Updated 2 years ago
- Falco rule repository☆140Updated this week
- Deep Linux runtime visibility meets Wireshark☆294Updated 3 months ago
- 🔍 Seccomp profiling and function-level tracing tool.☆169Updated 4 months ago
- The kernel tracer that attaches eBPF probes to containers for capturing TLS traffic☆29Updated this week
- Demo repository for running eBPF in GitHub Actions☆22Updated 7 months ago
- Process behaviour anomaly detection using eBPF and unsupervised-learning Autoencoders☆133Updated 3 years ago
- Ingress node firewall implements Kubernetes operator to provision stateless ingress node level firewall rules, stateless ingress node fir…☆64Updated 3 weeks ago
- Goby CLI eBPF Project Generator☆33Updated 8 months ago
- A convenience tool to generate and store certificates for Hubble Relay mTLS☆27Updated 2 weeks ago
- Source-code based coverage for eBPF programs actually running in the Linux kernel☆134Updated 8 months ago