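#Android# ecapture is a tool that captures plaintext from HTTPS, TLS and similar traffic without installing a CA certificate. It can also capture bash commands, which suits security-audit scenarios, including data auditing of mysqld.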
Process-aware, eBPF-based tcpdump
texporter is a lightweight, high-performance eBPF-based network traffic exporter for Prometheus.
lightmon is a lightweight, Docker/K8s container-aware network traffic monitoring tool based on eBPF technology.
Simple root privilege escalation detection using eBPF 🐝
Log API calls with eBPF
Real-Time Process Monitor Using eBPF
What's going on down there? Kernel sniffing using eBPF.
eBPF program that counts TCP, UDP and ICMP egress packets (includes source and destination IPs (pods, nodes, external), ports, protocol and TCP flags or ICMP Echo types)
Lightweight container monitoring tool with eBPF+Go, ≤48MB memory, real-time terminal UI