ebpf-go

#安卓#ecapture 是一款无需安装CA证书，即可抓取HTTPS、TLS等明文数据包的工具。也可以捕捉bash的命令，适用于安全审计场景。包括mysqld的数据审计等。

Process-aware, eBPF-based tcpdump

texporter is a lightweight, high-performance eBPF-based network traffic exporter for Prometheus.

lightmon is a lightweight, Docker/K8s container-aware network traffic monitoring tool based on eBPF technology.

Simple root privilege escalation detection using eBPF 🐝

A faster PostgreSQL connection pool with eBPF.

eBPF per process fireawall

Log API calls with eBPF

Real-Time Process Monitor Using eBPF

Experiment with BPF_MAP_TYPE_HASH_OF_MAPS

What's going on down there? Kernel sniffing using eBPF.

eBPF program that counts TCP, UDP and ICMP egress packets (includes source and destination IPs (pods, nodes, external), ports, protocol and TCP flags or ICMP Echo types)

轻量级容器监控工具，eBPF+Go实现，内存≤48MB，实时终端界面 Lightweight container monitoring tool with eBPF+Go, ≤48MB memory, real-time terminal UI