willfindlay / ebpH
ebpH (Extended BPF Process Homeostasis) monitors process behavior on your system to establish normal behavioral patterns. ebpH reports anomalous behavior and prevents attacks by denying anomalous access requests.
☆40 · Updated last year
Related projects:
- BPFBox: Exploring process confinement in eBPF ☆98 · Updated 8 months ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits ☆120 · Updated last year
- LSM BPF module to block pwnkit (CVE-2021-4034) like exploits ☆20 · Updated 2 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines ☆136 · Updated 2 years ago
- Example BPF program with LSM hooks ☆31 · Updated 3 years ago
- Linux Kernel Runtime Integrity with eBPF ☆163 · Updated 9 months ago
- Trace deep kernel events through eBPF and lsm hooks ☆32 · Updated 3 years ago
- ☆82 · Updated 2 months ago
- Red Canary's eBPF Sensor ☆97 · Updated 2 months ago
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes. ☆113 · Updated last year
- eBPF - extended Berkeley Packet Filter tooling ☆121 · Updated 2 years ago
- BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust. ☆55 · Updated 2 years ago
- A file system events notifier based on eBPF ☆54 · Updated last year
- Source-code based coverage for eBPF programs actually running in the Linux kernel ☆129 · Updated 2 years ago
- fuzzing framework based on libfuzzer and clang sanitizer ☆163 · Updated 5 years ago
- An eBPF program debugger ☆193 · Updated 2 years ago
- A process level network security monitoring and enforcement project for Kubernetes, using eBPF ☆40 · Updated 4 years ago
- This tool set can generate SECCOMP profiles for Docker images. It mainly relies on static analysis, making its results more reliable than… ☆62 · Updated 2 years ago
- Get live information about applications that make network requests (based on eBPF) ☆43 · Updated last month
- Fork from git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git (unstable and force pushed!) ☆20 · Updated last year
- eBPF based syscalls, files and network events tracing framework ☆82 · Updated 4 years ago
- Sample ebpf programs to analyze ☆89 · Updated 2 months ago
- The BTFhub Archive repository provides BTF files for those published kernels that lack native support for embedded BTF, thereby enhancing… ☆94 · Updated this week
- Ransomware Detection using Machine Learning with eBPF for Linux. ☆43 · Updated 2 months ago
- Example program using eBPF to log data being based in using shell pipes ☆40 · Updated 3 years ago
- ebpfkit is a rootkit powered by eBPF ☆746 · Updated last year
- A Rust library for managing eBPF programs. ☆114 · Updated 6 months ago
- monitor and protect SSH sessions with eBPF ☆65 · Updated 3 years ago
- bouheki is KRSI(eBPF+LSM) based Linux security auditing tool. ☆82 · Updated last year
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF ☆147 · Updated 2 weeks ago