ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.
☆119Feb 13, 2026Updated last month
Alternatives and similar repositories for ebpfpub
Users that are interested in ebpfpub are comparing it to the libraries listed below
Sorting:
- Various utilities useful for developers writing BPF tools☆31Apr 12, 2023Updated 2 years ago
- A C++ library that parses debug information encoded in BTF format☆28Apr 11, 2023Updated 2 years ago
- This repository contains the companion code from the "All your tracing are belong to BPF" blog posts☆19Apr 12, 2023Updated 2 years ago
- A sample PoC for container-aware exec events for osquery☆26Feb 15, 2024Updated 2 years ago
- A BPF-based syscall fault injector☆108Mar 2, 2026Updated 2 weeks ago
- ☆13Dec 29, 2022Updated 3 years ago
- BPF based FIM solution☆42May 22, 2023Updated 2 years ago
- ETrace is a syscall tracing utility powered by eBPF☆26Feb 26, 2023Updated 3 years ago
- Source-code based coverage for eBPF programs actually running in the Linux kernel☆137Feb 6, 2025Updated last year
- relros.c applies RELRO to static binaries, and static_to_dyn.c applies ASLR to static binaries.☆34Jun 25, 2018Updated 7 years ago
- osquery extensions by Trail of Bits☆269Apr 12, 2023Updated 2 years ago
- Kit for building Falco drivers: kernel modules or eBPF probes☆69Mar 9, 2026Updated last week
- Scripts targeting specific families☆13Jul 3, 2017Updated 8 years ago
- Userspace eBPF VM☆961Updated this week
- eBPF verifier based on abstract interpretation☆456Updated this week
- ☆15Apr 28, 2023Updated 2 years ago
- osquery Foundation Charter, Legal, and Process Documents☆13Jun 10, 2022Updated 3 years ago
- Provide a shell like interface by utilizing osquery's distributed API☆82Jun 24, 2020Updated 5 years ago
- eBPF query runner (Ruby DSL or something useful)☆26Mar 11, 2020Updated 6 years ago
- 🐝 BPFBox 📦 Exploring process confinement in eBPF☆106Jan 11, 2024Updated 2 years ago
- ☆26Jun 23, 2022Updated 3 years ago
- Rust wrapper of libtracecmd☆25Nov 2, 2023Updated 2 years ago
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)☆305Nov 30, 2024Updated last year
- ☆55Sep 14, 2018Updated 7 years ago
- Tools to measure an app's App Sandbox usage☆26May 20, 2020Updated 5 years ago
- Export disassemblies into Protocol Buffers☆21Jul 18, 2025Updated 8 months ago
- PANDA-powered tracing engine for tenet☆11Apr 7, 2022Updated 3 years ago
- Framework for running BPF programs with rules on Linux as a daemon. Container aware.☆484May 7, 2021Updated 4 years ago
- Measures the conformance of a BPF runtime to the ISA.☆37Mar 13, 2026Updated last week
- Making containers more secure with eBPF and Linux Security Modules (LSM)☆232Jun 2, 2024Updated last year
- An approach to detect opaque predicates by identifying the damage caused by the obfuscation.☆31Apr 10, 2021Updated 4 years ago
- The BTFhub Archive repository provides BTF files for those published kernels that lack native support for embedded BTF, thereby enhancing…☆133Mar 6, 2026Updated 2 weeks ago
- This repository contains a tool which traces syscalls in a fast way using eBPF linux kernel feature☆16Jun 30, 2017Updated 8 years ago
- A lightweight workshop build on the shoulders of giants.☆18Sep 13, 2019Updated 6 years ago
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆19Jul 15, 2021Updated 4 years ago
- VALE eBPF extension module☆34Nov 6, 2019Updated 6 years ago
- My repository to upload drivers from different books and all the information related to windows internals.☆163Aug 16, 2019Updated 6 years ago
- Emu-strings project - JScript/VBScript automated dropper analysis system☆18Mar 25, 2021Updated 4 years ago
- Re-implementation of Apple's Continuity Protocol☆19Dec 5, 2019Updated 6 years ago