Skip to content

trapmine/trapmine-linux-sensor

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

199 Commits

build

build

 
 

include

include

 
 

kalbur

kalbur

 
 

licenses

licenses

 
 

scripts

scripts

 
 

tests

tests

 
 

third_party

third_party

 
 

tools

tools

 
 

.clang-format

.clang-format

 
 

.gitignore

.gitignore

 
 

.gitmodules

.gitmodules

 
 

COPYING.txt

COPYING.txt

 
 

Makefile

Makefile

 
 

Makefile.inc

Makefile.inc

 
 

README.md

README.md

 
 

Repository files navigation

Trapmine Linux Sensor

Overview

Trapmine linux sensor is an ebpf based agent for monitoring security relevant events on Linux systems. The sensor collects information from various sources inside the linux kernel, with particular focus on events which can be used to perform security detection and prevention. The sensor may be used to build a system for detecting process infections, reverse shells, fileless executions, kernel exploits, many other attack vectors.

Dependecies

  • Kernel >= 4.18
  • Kernel compiled with CONFIG_DEBUG_INFO_BTF
  • clang >= 13.0.0

Build, Install and Run

make

sudo make install

sudo /opt/trapmine/agent/sensor-core

Build tests

make build-test

License

Trapmine Linux Sensor is licensed under GNU GPL v2.0.

About

An ebpf based agent for monitoring security relevant events on Linux systems.

trapmine.com/

Topics

linux security ebpf

Resources

Readme

License

GPL-2.0 license
Activity
Custom properties

Stars

32 stars

Watchers

7 watching

Forks

4 forks
Report repository

Releases

3 tags

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages