Skip to content
/ catp-ebpf Public

Print the output of a running process using eBPF and Aya

7 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Tuetuopay/catp-ebpf

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
.cargo
.cargo
 
 
.vim
.vim
 
 
catp-ebpf
catp-ebpf
 
 
catp
catp
 
 
xtask
xtask
 
 
.gitignore
.gitignore
 
 
Cargo.toml
Cargo.toml
 
 
README.md
README.md
 
 
rustfmt.toml
rustfmt.toml
 
 
screenshot.png
screenshot.png
 
 

Repository files navigation

catp-ebpf

Print the output of a running process (or any of its open fd) like catp does, but using eBPF instead of ptrace.

Prerequisites

  1. Install a rust stable toolchain: rustup install stable
  2. Install a rust nightly toolchain: rustup install nightly
  3. Install bpf-linker: cargo install bpf-linker

Build eBPF

cargo xtask build-ebpf

Build Userspace

cargo build

Run

cargo xtask run -- -p <PID>

Examples

screenshot

About

Print the output of a running process using eBPF and Aya

Resources

Readme
Activity

Stars

7 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages