kprobes

High-level tracing language for Linux

翻译 - Linux eBPF的高级跟踪语言

By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.

翻译 - 通过Kprobe技术，来自E_Bwill的基于开源主机的入侵检测系统（HIDS）。

Tool tracing syscalls in a fast way using eBPF linux kernel feature

TC, XDP, KProbe and CGroup eBPF based simple Ethernet interface traffic monitor and reporting tool

🔬 eBPF / libbpf bindings for Node.js

🔬 BPF Compiler Collection (BCC) frontend for Node.js

eBPF Tools - Tool for monitoring, performance benchmarking and tracing linux kernel

This repository contains a tool which traces syscalls in a fast way using eBPF linux kernel feature

使用kprobe获取sys_execve参数

Author of Project Adrishya a rootkit which use ftrace mechanism to hook syscall; (write this because God commanded me); work for both x86_64 and arm; CREDIT-(Oleksii Lozovskyi{ilammy})FOUNDER OF FTRAC...

Short demo of Linux kernel hooks with kprobes.

Tool tracing syscalls in a fast way using eBPF linux kernel feature

Misc BCC BPF Scripts

CS-550-Operating Systems - Spring 2020

Named After the Scottish loch, Lomond is a simple example on how to use kprobes in an LKM for learning purposes and gainning a deeper understanding of the Linux kernel.

Examples of C++ programs that generates BPF bytecodes

Monitor a Qdisc using a kernel probe

A Linux kernel module that replaces a specific display's EDID

Linux kernel module to trace and restrict access to system calls for specific processes

Source code for my personal portfolio and blog website. Features responsive design, dark mode, and a Markdown-powered blog.