eBPF-based Networking, Security, and Observability

Linux Runtime Security and Forensics using eBPF

Prometheus exporter for custom eBPF metrics

Schedule bpftrace programs on your kubernetes cluster using the kubectl

Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (LSM-BPF, AppArmor).

Library to work with eBPF programs from Go

eBPF library for Go. Powered by libbpf.

eBPF (extended Berkeley Packet Filter) Guide. Learn all about the eBPF Tools and Libraries for Security, Monitoring , and Networking.

traffic control in pure go - it allows to read and alter queues, filters and classes

Framework for running BPF programs with rules on Linux as a daemon. Container aware.

vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that are ready to use out of the box.

📺 Automatically capture all potentially useful information about each executed command (as well as its output) and get powerful querying mechanism

The libseccomp golang bindings repository

eBPF based TCP observability.

Now moved into `github.com/inspektor-gadget/inspektor-gadget/pkg/gadget-collection/gadgets/traceloop`. Tracing system calls in cgroups using BPF and overwritable ring buffers

Modernized kernel functions, kernel tracepoints and bpf progs tracing tool for the bpf era.

Go bindings for iptables, ebtables and arptables, which provide numerous features, extensions and more.

A toy tool that leverages the super powers of XDP to bring in-kernel IP filtering

eBPF-based packet filtering firewall for Linux.