This tool has the power to hide any PID/directory in the Linux kernel
MIT License
eBPF library for Go. Powered by libbpf.
ebpf-go is a pure-Go library to read, modify and load eBPF programs and attach them to various ho...
Elastic's eBPF
A Linux Host-based Intrusion Detection System based on eBPF.
High-level tracing language for Linux eBPF
Case studies from the Geek Time (极客时间) column "eBPF Core Technology and Practice" (eBPF 核心技术与实战)
Weaponizing the Linux Kernel (Hide Files/PID, SSH backdoors, SSL Sniffer, ...) by poking around e...
A collection of Rust libraries for inspecting & managing eBPF
Learning eBPF, published by O'Reilly - out now! Here's where you'll find a VM config for the exam...
eBPF Developer Tutorial: Learning eBPF Step by Step with Examples
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and...
ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
Syscall monitoring and auditing tool built using eBPF
bpf learning repository
A starter project for developing eBPF in Golang with a devcontainer Docker environment, works any env support...