BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.
☆59Jun 30, 2022Updated 3 years ago
Alternatives and similar repositories for bpfcontain-rs
Users that are interested in bpfcontain-rs are comparing it to the libraries listed below
Sorting:
- 🐝 BPFBox 📦 Exploring process confinement in eBPF☆106Jan 11, 2024Updated 2 years ago
- Various eBPF programs for tracing network connections☆32Oct 26, 2021Updated 4 years ago
- ebpH (Extended BPF Process Homeostasis) monitors process behavior on your system to establish normal behavioral patterns. ebpH reports an…☆42Dec 8, 2022Updated 3 years ago
- ☆28Nov 24, 2021Updated 4 years ago
- This is the repository for the code and artifacts related to the CCS2022 paper: C2C: Fine-grained Configuration-driven System Call Filter…☆11Nov 4, 2022Updated 3 years ago
- ☆11Feb 22, 2016Updated 10 years ago
- Fork from git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git (unstable and force pushed!)☆22Jun 15, 2023Updated 2 years ago
- Working examples of KRSI (via BCC scripts).☆15Dec 21, 2020Updated 5 years ago
- Open Source runtime tool which help to detect malware code execution and run time mis-configuration change on a kubernetes cluster☆36Jan 22, 2022Updated 4 years ago
- SysFlow edge processing pipeline☆18Jan 15, 2025Updated last year
- A process level network security monitoring and enforcement project for Kubernetes, using eBPF☆44Jun 16, 2020Updated 5 years ago
- Trace deep kernel events through eBPF and lsm hooks☆42Feb 9, 2021Updated 5 years ago
- UTrace is a tracing utility that leverages eBPF to trace both user space and kernel space functions☆50Jan 18, 2022Updated 4 years ago
- ☆25Dec 14, 2023Updated 2 years ago
- ☆11Aug 28, 2024Updated last year
- Linux Kernel Runtime Integrity with eBPF☆184Nov 23, 2023Updated 2 years ago
- Dataset from Linux Raspian VMs and devices with auditd logs capturing various container escape and attacks.☆15Jul 30, 2022Updated 3 years ago
- Diagrams to visually learn Falco and its eBPF probe☆15Jun 24, 2021Updated 4 years ago
- ☆26Jun 5, 2025Updated 9 months ago
- ☆17Mar 22, 2019Updated 6 years ago
- This tool set can generate required capabilities for binaries. A system call to capability mapping is used to assign capability to the bi…☆14Oct 26, 2022Updated 3 years ago
- A collection of kernels used for CI builds☆17Feb 17, 2026Updated 2 weeks ago
- ☆38Feb 15, 2022Updated 4 years ago
- suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.☆16Oct 31, 2021Updated 4 years ago
- ☆15Apr 28, 2023Updated 2 years ago
- eBPF developer tutorials to build CO-RE libbpf tools:generated by chatGPT and teach chatGPT to write eBPF programs! ( eBPF 工具开发实践教程: 通过例…☆17Oct 12, 2024Updated last year
- k8tls (pronounced cattles), to assess server port security by detecting its TLS and certificates configuration.☆20Jan 27, 2026Updated last month
- 实现一个基于eBPF技术监控容器行为的工具☆16May 9, 2025Updated 9 months ago
- Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security☆16May 21, 2023Updated 2 years ago
- Source-code based coverage for eBPF programs actually running in the Linux kernel☆137Feb 6, 2025Updated last year
- Ebpf faqs, samples, tooling☆45Jul 1, 2021Updated 4 years ago
- OCI hook to trace syscalls and generate a seccomp profile☆338Feb 12, 2026Updated 3 weeks ago
- ☆18Sep 4, 2023Updated 2 years ago
- GoBPFLD is a pure go eBPF loader/userspace library☆20Feb 5, 2022Updated 4 years ago
- ☆46Sep 28, 2019Updated 6 years ago
- This repository contains the source code related to the research paper titled "Temporal System Call Specialization for Attack Surface Red…☆38Nov 14, 2024Updated last year
- ☆18Nov 17, 2020Updated 5 years ago
- LSM BPF module to block pwnkit (CVE-2021-4034) like exploits☆21Feb 17, 2022Updated 4 years ago
- ioring wrapper for windows-rs☆24Oct 2, 2022Updated 3 years ago