Capture SSL/TLS text content without a CA certificate using eBPF. This tool is compatible with Linux/Android x86_64/aarch64.
APACHE-2.0 License
Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events...
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and...
TC and XDP eBPF based simple Ethernet interface traffic monitor and reporting tool
ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
An eBPF kernel Observable Agent To Spy Performance Issue On OS.
ebpfkit is a rootkit powered by eBPF
bpf learning repository
High-level tracing language for Linux eBPF
Network Cryptography Monitor - using eBPF, written in python
Process-aware, eBPF-based tcpdump
A Linux Host-based Intrusion Detection System based on eBPF.
An eBPF enhanced Linux kernel skb and socket tracing tool.
Build, Distribute and Run CO-RE eBPF programs easier with JSON and Webassembly OCI images
PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packet...
eBPF Developer Tutorial: Learning eBPF Step by Step with Examples