139 Open source projects that are alternatives of or similar to eBPF-for-Ghidra

Tomb Raider II Injector Dynamic Library

A library which is able to decompile a delegate or a method body to its lambda representation

Console application for decompiling, recompiling, packaging, and patching tModLoader's .tmod files at blazing-fast speeds.

All-in-one Java reverse engineering tool

No description or website provided.

Rust bindings to libbpf from the Linux kernel

Android class dependency visualizer. This tool helps to visualize the current state of the project.

Import DynamoRIO drcov code coverage data into Ghidra

open source repository

🐝 BPFBox 📦 Exploring process confinement in eBPF

Decompiler for x86 and x86-64 ELF binaries

Data first monitoring agent using (e)BPF, built on RedBPF

Draft of generic instrumentation tool based on QEMU using eBPF to implement trivial instrumentations with trivial code

Remapping tool for compiled java programs.

No description or website provided.

Reko is a binary decompiler.

Elastic's eBPF

Driver 2 Playstation game reverse engineering effort

Fast and Lightweight Observability Data Collector

WebAssembly to C decompiler

A Ghidra extension for scripting with GraalVM languages, including Javascript, Python3, R, and Ruby.

easy to read hlsl asm shader code. parse dxbc text and export hlsl like for read

an experimental suite of applications and APIs for monitoring kernel-level activity on a live Kubernetes cluster

📱 Decompile android apps with a single command

Apkmod can decompile, recompile, sign APK, and bind the payload with any legit APP

*Decompile All the Things* - IDA Batch Decompile plugin and script for Hex-Ray's IDA Pro that adds the ability to batch decompile multiple files and their imports with additional annotations (xref, stack var size) to the pseudocode .c file

eBPF program using kprobes to trace TCP events without run-time compilation dependencies

hBPF = eBPF in hardware

.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!

Ghidra Data Type (GDT) Helper

A writeup of the network protocol used in Among Us, a game by Innersloth.

🐉 Export ghidra decompiled code to dwarf sections inside ELF binary

Search Web Console Plugin for Apache Felix

You came here so you could have a base code to serve you as an example on how to develop a BPF application, compatible to BCC and/or LIBBPF, specially LIBBPF, having the userland part made in C or PYTHON.

Displays dependencies between classes as fancy graph.

Open Source runtime tool which help to detect malware code execution and run time mis-configuration change on a kubernetes cluster

一步到位反编译apk工具(onekey decompile apk)

eBPF based always-on profiler auto-discovering targets in Kubernetes and systemd, zero code changes or restarts needed!

🔥 Decompile APK（反编译APK）

BCC port for MRI - this is unofficial bonsai project.

Quickly analyze and reverse engineer Android packages

Observability & Troubleshooting for Kubernetes Services

Tomb Raider: Chronicles Disassembly translated to C source code.

WDC 65816 processor module for Ghidra

PyInstaller Extractor

Ghidra plugin to start an r2 webserver to let r2 interact with it

Emacs Lisp Decompiler

Kernel profiler based on perf_event and ebpf

💾 A .NET assembly editor based on dnlib

Ghidra extension to disassemble NSIS installers

Decompile React Native Android/IOS Bundle.

The modern Java bytecode editor

Tools I have Reverse Engineered !!

ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits

🐞Android crack tool For Mac

A BPF-based syscall fault injector

Ghidra analysis plugin to locate cryptographic constants

Unofficial CMake build for Ghidra SLEIGH

ebpfkit is a rootkit powered by eBPF

一键反编译工具(不需要手动安装Python) One key for quickly decompile apk/aar/dex/jar, support by jadx/dex2jar/enjarify.