eBPF
eBPF is a technology that can run sandboxed programs in a privileged context such as the operating system kernel.
It is used to safely and efficiently extend the capabilities of the kernel at runtime without requiring to change kernel source code or load kernel modules.
Here are 32 public repositories matching this topic...
Cloud Native Runtime Security
-
Updated
May 23, 2024 - C++
Instant Kubernetes-Native Application Observability
-
Updated
May 25, 2024 - C++
PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, Npcap, WinPcap, DPDK, AF_XDP and PF_RING.
-
Updated
May 26, 2024 - C++
Fast and Lightweight Observability Data Collector
-
Updated
May 24, 2024 - C++
Userspace eBPF runtime for fast Uprobe & Syscall hook & Extensions with LLVM JIT
-
Updated
May 25, 2024 - C++
eBPF/XDP-based software framework for fast network services running in the Linux kernel.
-
Updated
Mar 7, 2023 - C++
eBPF verifier based on abstract interpretation
-
Updated
May 23, 2024 - C++
An In-Kernel Solution Based on BPF/XDP for 5G UPF
-
Updated
Mar 1, 2024 - C++
ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.
-
Updated
Apr 12, 2023 - C++
ebpf profiler for jvm
-
Updated
May 5, 2021 - C++
A complete subset of SRv6 local function & transit written in XDP
-
Updated
Jan 1, 2023 - C++
Binary Ninja eBPF & Solana plugin (disasm & LLIL)
-
Updated
Aug 27, 2022 - C++
A sample PoC for container-aware exec events for osquery
-
Updated
Feb 15, 2024 - C++