Monitor Network Traffic Per Executable, Beautifully Visualized
Updated Jan 2, 2024 - Python
eBPF is a technology that can run sandboxed programs in a privileged context such as the operating system kernel.
It is used to safely and efficiently extend the capabilities of the kernel at runtime without requiring changes to kernel source code or loading kernel modules.
Dump unix domain socket traffic with bpf
Performance visualisation tools
Demos for Pixie: github.com/pixie-io/pixie
[Deprecated] Now we have a more sophisticated (and compact) implementation in the ipftrace2 repository. Please check it as well.
🛡️ Introducing eBPFShield - a powerful 📍IP-intelligence and 📈DNS monitoring tool built using eBPF!
Real-time monitoring of KVM/Qemu VMs
ebpH (Extended BPF Process Homeostasis) monitors process behavior on your system to establish normal behavioral patterns. ebpH reports anomalous behavior and prevents attacks by denying anomalous access requests.
eBPF based Network Monitoring using Prometheus and Grafana
An open source framework to easily build and deploy eBPF/XDP network monitoring probes and clusters in order to perform Service Program Chaining efficiently.
Intrusion Detection and Counter Attack System - CTF Attack/Defense tool