#安卓#ecapture 是一款无需安装CA证书,即可抓取HTTPS、TLS等明文数据包的工具。也可以捕捉bash的命令,适用于安全审计场景。包括mysqld的数据审计等。
Process-aware, eBPF-based tcpdump
texporter is a lightweight, high-performance eBPF-based network traffic exporter for Prometheus.
lightmon is a lightweight, Docker/K8s container-aware network traffic monitoring tool based on eBPF technology.
Simple root privilege escalation detection using eBPF 🐝
Log API calls with eBPF
What's going on down there? Kernel sniffing using eBPF.
A Enhanced observability and security solution to fully prevent DNS exfiltration (C2, tunnelling) with no data loss using XDP, TC, Netfilter, BPF_MAPs. Ring Buffers, Running eBPF inside linux ker...
eBPF program that counts TCP, UDP and ICMP egress packets (includes source and destination IPs (pods, nodes, external), ports, protocol and TCP flags or ICMP Echo types)