Cloud Native Runtime Security
Updated Jun 28, 2024 - C++
eBPF is a technology that can run sandboxed programs in a privileged context such as the operating system kernel.
It is used to safely and efficiently extend the capabilities of the kernel at runtime without requiring changes to kernel source code or the loading of kernel modules.
Instant Kubernetes-Native Application Observability
PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, Npcap, WinPcap, DPDK, AF_XDP and PF_RING.
Fast and Lightweight Observability Data Collector
Userspace eBPF runtime for fast Uprobe & Syscall hook & Extensions with LLVM JIT
eBPF/XDP-based software framework for fast network services running in the Linux kernel.
eBPF verifier based on abstract interpretation
An In-Kernel Solution Based on BPF/XDP for 5G UPF
ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.
eBPF profiler for JVM
A complete subset of SRv6 local function & transit written in XDP
Binary Ninja eBPF & Solana plugin (disasm & LLIL)
A sample PoC for container-aware exec events for osquery
eBPF bytecode assembler and compiler