Topic: "bpf"
cilium/cilium
eBPF-based Networking, Security, and Observability
Language: Go - Size: 387 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 21,571 - Forks: 3,194
bpftrace/bpftrace
High-level tracing language for Linux
Language: C++ - Size: 12.4 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 9,175 - Forks: 1,375
capstone-engine/capstone
Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.
Language: C - Size: 62.6 MB - Last synced at: 5 days ago - Pushed at: 6 days ago - Stars: 8,000 - Forks: 1,589
zoidyzoidzoid/awesome-ebpf
A curated list of awesome projects related to eBPF.
Size: 144 KB - Last synced at: 4 days ago - Pushed at: 7 days ago - Stars: 4,576 - Forks: 388
parca-dev/parca
Continuous profiling for analysis of CPU and memory usage, down to the line number and throughout time. Saving infrastructure cost, improving performance, and increasing reliability.
Language: TypeScript - Size: 134 MB - Last synced at: about 23 hours ago - Pushed at: 1 day ago - Stars: 4,428 - Forks: 233
hengyoush/kyanos
Kyanos is a networking analysis tool using eBPF. It can visualize the time packets spend in the kernel, capture requests/responses, makes troubleshooting more efficient.
Language: C - Size: 37.9 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 4,121 - Forks: 157
cilium/tetragon
eBPF-based Security Observability and Runtime Enforcement
Language: C - Size: 74.3 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 3,958 - Forks: 416
aquasecurity/tracee
Linux Runtime Security and Forensics using eBPF
Language: Go - Size: 173 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 3,877 - Forks: 445
aya-rs/aya
Aya is an eBPF library for the Rust programming language, built with a focus on developer experience and operability.
Language: Rust - Size: 7.78 MB - Last synced at: about 23 hours ago - Pushed at: 1 day ago - Stars: 3,626 - Forks: 324
cilium/pwru
Packet, where are you? -- eBPF-based Linux kernel networking debugger
Language: C - Size: 8.41 MB - Last synced at: 2 days ago - Pushed at: 6 days ago - Stars: 3,304 - Forks: 192
eunomia-bpf/bpf-developer-tutorial
eBPF Developer Tutorial: Learning eBPF Step by Step with Examples
Language: C - Size: 24.9 MB - Last synced at: 1 day ago - Pushed at: 3 months ago - Stars: 3,079 - Forks: 432
the-tcpdump-group/tcpdump
the TCPdump network dissector
Language: C - Size: 26.6 MB - Last synced at: about 19 hours ago - Pushed at: about 24 hours ago - Stars: 2,905 - Forks: 873
the-tcpdump-group/libpcap
the LIBpcap interface to various kernel packet capture mechanism
Language: C - Size: 19 MB - Last synced at: 1 day ago - Pushed at: 3 days ago - Stars: 2,851 - Forks: 889
xdp-project/xdp-tutorial
XDP tutorial
Language: C - Size: 557 KB - Last synced at: 1 day ago - Pushed at: 2 months ago - Stars: 2,656 - Forks: 611
inspektor-gadget/inspektor-gadget
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF
Language: C - Size: 100 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 2,455 - Forks: 284
libbpf/libbpf
Automated upstream mirror for libbpf stand-alone build.
Language: C - Size: 9.95 MB - Last synced at: 1 day ago - Pushed at: 16 days ago - Stars: 2,368 - Forks: 436
cloudflare/ebpf_exporter
Prometheus exporter for custom eBPF metrics
Language: Go - Size: 12.5 MB - Last synced at: 1 day ago - Pushed at: 9 days ago - Stars: 2,325 - Forks: 252
iovisor/kubectl-trace
Schedule bpftrace programs on your kubernetes cluster using the kubectl
Language: Go - Size: 9.11 MB - Last synced at: about 10 hours ago - Pushed at: 10 months ago - Stars: 2,110 - Forks: 169
kubearmor/KubeArmor
Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).
Language: Go - Size: 58.6 MB - Last synced at: 1 day ago - Pushed at: 3 days ago - Stars: 1,721 - Forks: 367
oracle/bpftune
bpftune uses BPF to auto-tune Linux systems
Language: C - Size: 2.91 MB - Last synced at: about 17 hours ago - Pushed at: about 1 month ago - Stars: 1,607 - Forks: 86
DavadDi/bpf_study
bpf ๅญฆไน ไปๅบ
Language: C - Size: 25.6 MB - Last synced at: about 1 month ago - Pushed at: about 3 years ago - Stars: 1,452 - Forks: 334
hyperledger-solang/solang
Solidity Compiler for Solana, Polkadot and Stellar
Language: Rust - Size: 17.8 MB - Last synced at: about 20 hours ago - Pushed at: 3 days ago - Stars: 1,334 - Forks: 242
dropbox/goebpf
Library to work with eBPF programs from Go
Language: Go - Size: 1.72 MB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 1,148 - Forks: 86
pythops/oryx
๐ต๏ธโโ๏ธ TUI for sniffing network traffic using eBPF on Linux
Language: Rust - Size: 208 KB - Last synced at: about 5 hours ago - Pushed at: 16 days ago - Stars: 1,048 - Forks: 25
qmonnet/rbpf
Rust virtual machine and JIT compiler for eBPF programs
Language: Rust - Size: 915 KB - Last synced at: 1 day ago - Pushed at: 5 days ago - Stars: 995 - Forks: 278
mozillazg/ptcpdump
Process-aware, eBPF-based tcpdump
Language: C - Size: 69.4 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 978 - Forks: 54
seccomp/libseccomp
The main libseccomp repository
Language: C - Size: 1.91 MB - Last synced at: about 4 hours ago - Pushed at: 6 days ago - Stars: 849 - Forks: 181
libbpf/libbpf-rs
Minimal and opinionated eBPF tooling for the Rust ecosystem
Language: Rust - Size: 6.07 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 844 - Forks: 148
aquasecurity/libbpfgo
eBPF library for Go. Powered by libbpf.
Language: Go - Size: 967 KB - Last synced at: 1 day ago - Pushed at: 27 days ago - Stars: 787 - Forks: 96
getanteon/alaz
Alaz: Advanced eBPF Agent for Kubernetes Observability โ Effortlessly monitor K8s service interactions and performance metrics in your K8s environment. Gain in-depth insights with service maps, metrics, and more, while staying alert to crucial system anomalies ๐
Language: C - Size: 7.17 MB - Last synced at: about 1 month ago - Pushed at: 7 months ago - Stars: 679 - Forks: 33
gamemann/XDP-Firewall
A firewall that utilizes the Linux kernel's XDP hook. The XDP hook allows for very fast network processing on Linux systems. This is great for dropping malicious traffic from a (D)DoS attack. IPv6 is supported with this firewall! I hope this helps network engineers/programmers interested in utilizing XDP!
Language: C - Size: 4.64 MB - Last synced at: 12 days ago - Pushed at: 12 days ago - Stars: 636 - Forks: 103
parca-dev/parca-agent
eBPF based always-on profiler auto-discovering targets in Kubernetes and systemd, zero code changes or restarts needed!
Language: Go - Size: 64.1 MB - Last synced at: about 8 hours ago - Pushed at: 12 days ago - Stars: 621 - Forks: 76
mikeroyal/eBPF-Guide
eBPF (extended Berkeley Packet Filter) Guide. Learn all about the eBPF Tools and Libraries for Security, Monitoring , and Networking.
Language: Go - Size: 181 KB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 576 - Forks: 55
libbpf/bpftool
Automated upstream mirror for bpftool stand-alone build.
Language: C - Size: 1.05 MB - Last synced at: about 1 hour ago - Pushed at: about 1 month ago - Stars: 512 - Forks: 94
polycube-network/polycube
eBPF/XDP-based software framework for fast network services running in the Linux kernel.
Language: C++ - Size: 20.3 MB - Last synced at: about 1 month ago - Pushed at: about 2 years ago - Stars: 511 - Forks: 102
florianl/go-tc
traffic control in pure go - it allows to read and alter queues, filters and classes
Language: Go - Size: 680 KB - Last synced at: 1 day ago - Pushed at: 3 days ago - Stars: 484 - Forks: 49
xdp-project/bpf-examples
Making eBPF programming easier via build env and examples
Language: C - Size: 1.5 MB - Last synced at: about 1 month ago - Pushed at: 2 months ago - Stars: 478 - Forks: 99
genuinetools/bpfd
Framework for running BPF programs with rules on Linux as a daemon. Container aware.
Language: Go - Size: 3.57 MB - Last synced at: about 1 month ago - Pushed at: about 4 years ago - Stars: 478 - Forks: 39
Orange-OpenSource/bmc-cache
In-kernel cache based on eBPF.
Language: C - Size: 436 KB - Last synced at: 8 days ago - Pushed at: over 3 years ago - Stars: 448 - Forks: 48
YutaroHayakawa/ipftrace2
A packet oriented Linux kernel function call tracer
Language: C - Size: 17.1 MB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 401 - Forks: 17
bytedance/vArmor
vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that are ready to use out of the box.
Language: Go - Size: 70 MB - Last synced at: 15 days ago - Pushed at: 15 days ago - Stars: 362 - Forks: 37
carloslack/KoviD
Red-Team Linux kernel rootkit
Language: C - Size: 26.8 MB - Last synced at: 14 days ago - Pushed at: 23 days ago - Stars: 362 - Forks: 60
aliyun/surftrace
surftrace is a tool that allows you to surf the linux kernel
Language: Python - Size: 12 MB - Last synced at: 9 days ago - Pushed at: over 1 year ago - Stars: 334 - Forks: 60
strang1ato/nhi
:tv: Automatically capture all potentially useful information about each executed command (as well as its output) and get powerful querying mechanism
Language: Go - Size: 4.44 MB - Last synced at: about 1 month ago - Pushed at: 8 months ago - Stars: 314 - Forks: 11
alessandrod/snuffy
Snuffy is a simple command line tool to inspect SSL/TLS data.
Language: Rust - Size: 28.3 KB - Last synced at: 8 days ago - Pushed at: over 4 years ago - Stars: 291 - Forks: 15
seccomp/libseccomp-golang
The libseccomp golang bindings repository
Language: Go - Size: 145 KB - Last synced at: 1 day ago - Pushed at: 21 days ago - Stars: 284 - Forks: 58
xdp-project/xdp-project
XDP project collaboration through a git-repo
Language: CSS - Size: 37.9 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 277 - Forks: 36
lac-dcc/honey-potion
Writing eBPF programs with Elixir!
Language: C - Size: 5.31 MB - Last synced at: 20 days ago - Pushed at: 20 days ago - Stars: 270 - Forks: 11
mehrdadrad/tcpdog
eBPF based TCP observability.
Language: Go - Size: 2.31 MB - Last synced at: 8 days ago - Pushed at: almost 4 years ago - Stars: 259 - Forks: 22
furkanonder/beetrace
Trace your python process line by line with eBPF!
Language: Python - Size: 370 KB - Last synced at: 7 days ago - Pushed at: about 2 years ago - Stars: 257 - Forks: 4
EHfive/einat-ebpf
An eBPF-based Endpoint-Independent(Full Cone) NAT for Linux
Language: Rust - Size: 1.95 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 238 - Forks: 15
eunomia-bpf/GPTtrace
Generate eBPF programs and tracing with ChatGPT
Language: Python - Size: 7.97 MB - Last synced at: about 1 month ago - Pushed at: 9 months ago - Stars: 237 - Forks: 23
rmind/npf
NPF: packet filter with stateful inspection, NAT, IP sets, etc.
Language: C - Size: 1.15 MB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 237 - Forks: 42
libbpf/libbpf-sys
Rust bindings to libbpf from the Linux kernel
Language: Rust - Size: 232 KB - Last synced at: about 13 hours ago - Pushed at: 14 days ago - Stars: 223 - Forks: 50
navarrothiago/upf-bpf
An In-Kernel Solution Based on eBPF / XDP for 5G UPF
Language: C++ - Size: 1.52 MB - Last synced at: about 1 month ago - Pushed at: 8 months ago - Stars: 200 - Forks: 28
kinvolk/traceloop ๐ฆ
Now moved into `github.com/inspektor-gadget/inspektor-gadget/pkg/gadget-collection/gadgets/traceloop`. Tracing system calls in cgroups using BPF and overwritable ring buffers
Language: Go - Size: 548 KB - Last synced at: 24 days ago - Pushed at: about 2 years ago - Stars: 198 - Forks: 11
cloudflare/rakelimit
A fair-share ratelimiter implemented in BPF
Language: C - Size: 11.9 MB - Last synced at: 7 months ago - Pushed at: 8 months ago - Stars: 189 - Forks: 11
gamemann/XDP-Proxy
A stateless, high-performance NAT-like proxy that attaches to the XDP hook in the Linux kernel using (e)BPF for fast packet processing. This proxy forwards packets based on configurable rules and performs source-port mapping, similar to IPTables and NFTables.
Language: C - Size: 3.71 MB - Last synced at: 3 days ago - Pushed at: about 2 months ago - Stars: 188 - Forks: 26
msantos/epcap
Erlang packet capture interface using pcap
Language: C - Size: 377 KB - Last synced at: about 1 month ago - Pushed at: 3 months ago - Stars: 179 - Forks: 56
furkanonder/DnsTrace
Monitor DNS queries by host processes using eBPF!
Language: Python - Size: 515 KB - Last synced at: 4 days ago - Pushed at: 7 months ago - Stars: 170 - Forks: 9
tw4452852/zbpf
Writing eBPF in Zig
Language: Zig - Size: 4.79 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 154 - Forks: 8
linux-lock/bpflock
bpflock - eBPF driven security for locking and auditing Linux machines
Language: C - Size: 4.97 MB - Last synced at: about 1 month ago - Pushed at: about 3 years ago - Stars: 147 - Forks: 14
jnidzwetzki/pg-lock-tracer
A eBPF based lock tracer for the PostgreSQL database
Language: Python - Size: 307 KB - Last synced at: about 1 month ago - Pushed at: 5 months ago - Stars: 142 - Forks: 17
singchia/go-xtables
Go bindings for iptables, ebtables and arptables, which provide numerous features, extensions and more.
Language: Go - Size: 1.3 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 136 - Forks: 18
elastic/bpfcov
Source-code based coverage for eBPF programs actually running in the Linux kernel
Language: C - Size: 1.38 MB - Last synced at: 3 days ago - Pushed at: 3 months ago - Stars: 132 - Forks: 8
ebpf-io/ebpf.io-website
ebpf.io Website
Language: HTML - Size: 265 MB - Last synced at: 1 day ago - Pushed at: 9 days ago - Stars: 123 - Forks: 131
javierhonduco/rbperf
Low-overhead sampling profiler and tracer for Ruby implemented in BPF
Language: Rust - Size: 1.9 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 116 - Forks: 5
trailofbits/ebpfpub
ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.
Language: C++ - Size: 266 KB - Last synced at: about 1 month ago - Pushed at: about 2 years ago - Stars: 116 - Forks: 8
landhb/DrawBridge
Layer 4 Single Packet Authentication Linux kernel module utilizing Netfilter hooks and kernel supported Berkeley Packet Filters (BPF)
Language: C - Size: 1.07 MB - Last synced at: 6 days ago - Pushed at: over 1 year ago - Stars: 114 - Forks: 23
ns1/xdp-workshop
Velocity SJC 2019 - DDoS mitigation made easy with XDP and eBPF
Language: C - Size: 355 KB - Last synced at: about 1 year ago - Pushed at: almost 6 years ago - Stars: 106 - Forks: 28
lithdew/alon
Remix for Solana.
Language: JavaScript - Size: 43 MB - Last synced at: 21 days ago - Pushed at: over 3 years ago - Stars: 105 - Forks: 15
mmisono/bpftrace-tetris
Tetris in bpftrace
Language: Shell - Size: 10.7 KB - Last synced at: about 1 month ago - Pushed at: over 4 years ago - Stars: 104 - Forks: 9
sematext/oxdpus
A toy tool that leverages the super powers of XDP to bring in-kernel IP filtering
Language: Go - Size: 41 KB - Last synced at: 26 days ago - Pushed at: over 4 years ago - Stars: 104 - Forks: 20
trailofbits/ebpfault
A BPF-based syscall fault injector
Language: C++ - Size: 48.8 KB - Last synced at: 23 days ago - Pushed at: about 2 years ago - Stars: 100 - Forks: 10
dkorunic/pktstat-bpf
TC, XDP, KProbe and CGroup eBPF based simple Ethernet interface traffic monitor and reporting tool
Language: C - Size: 3.92 MB - Last synced at: 15 days ago - Pushed at: 15 days ago - Stars: 97 - Forks: 5
gongluck/CVIP
C/C++/Golang/Linux...็ฅ่ฏๆด็
Language: C - Size: 26.3 MB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 97 - Forks: 31
eunomia-bpf/awesome-ebpf-zh
ไธ eBPF ็ธๅ ณ็็ฒพ้้กน็ฎ็ไธญๆๆธ ๅ
Size: 197 KB - Last synced at: 2 days ago - Pushed at: about 2 years ago - Stars: 96 - Forks: 13
kinvolk/cloud-native-bpf-workshop
Language: Shell - Size: 1.17 MB - Last synced at: over 1 year ago - Pushed at: almost 4 years ago - Stars: 96 - Forks: 25
genuinetools/bpfps
A tool to list and diagnose bpf programs. (Who watches the watchers..? :)
Language: Makefile - Size: 5.61 MB - Last synced at: about 1 month ago - Pushed at: over 4 years ago - Stars: 95 - Forks: 7
jschwinger233/skbdump
ebpf-based tcpdump
Language: C - Size: 5.7 MB - Last synced at: 9 days ago - Pushed at: over 1 year ago - Stars: 89 - Forks: 7
aya-rs/book
The Aya Book is an introductory book about using the Rust Programming Language and Aya library to build extended Berkley Packet Filter (eBPF) programs.
Language: HTML - Size: 2.07 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 88 - Forks: 61
bpfsnoop/bpfsnoop
Modernized kernel functions, kernel tracepoints and bpf progs tracing tool for the bpf era.
Language: Go - Size: 3.48 MB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 85 - Forks: 5
boratanrikulu/durdur
Lightweight packet filtering for Linux: 'durdur' is a high-performance, eBPF-based simple firewall tool that drops packets by IP or DNS domain. Perfect for on-demand network control.
Language: Go - Size: 551 KB - Last synced at: about 1 month ago - Pushed at: 10 months ago - Stars: 85 - Forks: 1
kinvolk-archives/cgnet ๐ฆ
Language: Go - Size: 41 KB - Last synced at: 11 months ago - Pushed at: almost 8 years ago - Stars: 84 - Forks: 18
DavadDi/skbtracer
skbtracer on ebpf
Language: C - Size: 17.6 KB - Last synced at: 8 days ago - Pushed at: over 3 years ago - Stars: 83 - Forks: 29
massoudasadi/packiffer
lightweight cross-platform networking toolkit
Language: Go - Size: 11 MB - Last synced at: 19 days ago - Pushed at: about 2 years ago - Stars: 82 - Forks: 2
leodido/traffico
Shape your traffic the BPF way
Language: C - Size: 96.7 KB - Last synced at: about 1 month ago - Pushed at: almost 2 years ago - Stars: 79 - Forks: 3
the-tcpdump-group/tcpslice
tcpslice concatenates multiple pcap files together, or extracts time slices from one or more pcap files.
Language: C - Size: 768 KB - Last synced at: 27 days ago - Pushed at: 28 days ago - Stars: 73 - Forks: 24
isovalent/ebeedex
Find your favorite eBee
Size: 16.3 MB - Last synced at: 4 days ago - Pushed at: about 1 month ago - Stars: 67 - Forks: 6
Asphaltt/skbtracer Fork of DavadDi/skbtracer ๐ฆ
skbtracer on ebpf
Language: C - Size: 1.24 MB - Last synced at: 10 months ago - Pushed at: about 2 years ago - Stars: 67 - Forks: 10
fbs/el7-bpf-specs
RPM specs for building bpf related tools on CentOS 7
Language: Shell - Size: 84 KB - Last synced at: 2 days ago - Pushed at: over 3 years ago - Stars: 67 - Forks: 13
shramos/pcap-splitter
Pcap-splitter allows you to split a pcap file into subsets of pcap files based on sessions, flows, ip addresses, number of bytes, number of network packets...
Language: Python - Size: 8.79 KB - Last synced at: 15 days ago - Pushed at: almost 6 years ago - Stars: 65 - Forks: 12
weixingsun/jBProF
ebpf profiler for jvm
Language: C++ - Size: 2.74 MB - Last synced at: 10 months ago - Pushed at: about 4 years ago - Stars: 63 - Forks: 3
Netronome/libkefir
Convert network filtering rules from various formats into BPF programs
Language: C - Size: 296 KB - Last synced at: about 1 year ago - Pushed at: about 5 years ago - Stars: 61 - Forks: 9
osinstom/P4-OvS
Bringing the power of P4 to OvS!
Language: C - Size: 74.6 MB - Last synced at: about 2 years ago - Pushed at: over 4 years ago - Stars: 60 - Forks: 13
chenjiandongx/bpfpinger
๐ฅ A high-performance ICMP ping implementation build on top of BPF technology.
Language: Go - Size: 51.8 KB - Last synced at: 23 days ago - Pushed at: 12 months ago - Stars: 56 - Forks: 2
TomasPhilippart/ebpfangel
๐ Ransomware Detection using Machine Learning with eBPF for Linux.
Language: Python - Size: 16.6 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 55 - Forks: 11
netbound/p2pflow
Ethereum p2p traffic analysis with eBPF
Language: C - Size: 4.07 MB - Last synced at: 6 days ago - Pushed at: over 3 years ago - Stars: 54 - Forks: 8
rebpf/rebpf
A Rust library to write and load bpf programs built on top of libbpf (no bcc dependency).
Language: Rust - Size: 195 KB - Last synced at: about 1 month ago - Pushed at: about 4 years ago - Stars: 54 - Forks: 7
fzakaria/ebpf-mpls-encap-decap
Sample project demonstrating how to use eBPF to encap/decap packets with an MPLS label.
Language: C - Size: 48.8 KB - Last synced at: about 1 month ago - Pushed at: over 5 years ago - Stars: 54 - Forks: 7
