trailofbits / ebpfpubLinks
ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.
☆117Updated 2 years ago
Alternatives and similar repositories for ebpfpub
Users that are interested in ebpfpub are comparing it to the libraries listed below
Sorting:
- Various utilities useful for developers writing BPF tools☆30Updated 2 years ago
- eBPF - extended Berkeley Packet Filter tooling☆124Updated 3 years ago
- Example program using eBPF to log data being based in using shell pipes☆41Updated 4 years ago
- eBPF based syscalls, files and network events tracing framework☆93Updated 5 years ago
- A BPF-based syscall fault injector☆105Updated 2 years ago
- Transform vmlinuz into a fully debuggable vmlinux that can be used with /proc/kcore☆130Updated 9 months ago
- Trace deep kernel events through eBPF and lsm hooks☆37Updated 4 years ago
- Build custom Docker seccomp profiles for containers by finding syscalls it uses.☆90Updated 4 years ago
- Example BPF program with LSM hooks☆33Updated 4 years ago
- ☆47Updated 6 years ago
- Linux Kernel Runtime Integrity with eBPF☆180Updated last year
- Detect patterns of bad behavior in function calls☆26Updated 5 years ago
- IPE is a Linux Security Module (LSM), which allows for a configurable policy to enforce integrity requirements on the whole system. IPE b…☆65Updated 3 months ago
- opensnoop in pure C using eBPF☆100Updated 3 months ago
- a friendly wrapper around ptrace☆132Updated 3 years ago
- LKRG bypass methods☆72Updated 5 years ago
- 🐝 BPFBox 📦 Exploring process confinement in eBPF☆104Updated last year
- A kernelspace syscall interceptor and randomized faulter☆354Updated 8 months ago
- (Linux Kernel) Stack Monitoring Tool☆45Updated 3 years ago
- A feature-complete reference implementation of a modern Xen VMI debugger. ARCHIVED: Development continues at https://github.com/spencermi…☆78Updated 4 years ago
- Heap analysis tooling for ptmalloc☆45Updated 3 years ago
- Tool tracing syscalls in a fast way using eBPF linux kernel feature☆98Updated 2 years ago
- ☆89Updated last year
- A sample PoC for container-aware exec events for osquery☆24Updated last year
- Linux endpoint events for BPF enabled systems☆24Updated 2 years ago
- Fork from git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git (unstable and force pushed!)☆21Updated 2 years ago
- egrets monitors egress☆46Updated 5 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆149Updated 3 years ago
- Alcatraz project for Black Hat USA 2021☆78Updated 4 years ago
- A C++ library that parses debug information encoded in BTF format☆25Updated 2 years ago