132 Open source projects that are alternatives of or similar to sockdump

uprobe-based HTTP tracer for Go binaries

🐝 BPFBox 📦 Exploring process confinement in eBPF

tcpslice concatenates multiple pcap files together, or extracts time slices from one or more pcap files.

RPM specs for building bpf related tools on CentOS 7

BCC port for MRI - this is unofficial bonsai project.

the TCPdump network dissector

High-level tracing language for Linux eBPF

LMP is a supermarket

PInvoke wrapper for WinDivert

Network Tools

Fast and Lightweight Observability Data Collector

eBPF Processor for Ghidra

IOVisor OVN integration

Observability & Troubleshooting for Kubernetes Services

Habbo Packet Sniffer/Analyzer

ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.

No description or website provided.

an experimental suite of applications and APIs for monitoring kernel-level activity on a live Kubernetes cluster

ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits

lightweight cross-platform networking toolkit

一个深挖 Linux 内核的新功能特性，以 io_uring, cgroup, ebpf, llvm 为代表，包含开源项目，代码案例，文章，视频，架构脑图等

@zhangkn

hBPF = eBPF in hardware

Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).

[Deplicated] Now we have more sophisticated (and compact) implementation in ipftrace2 repository. Please check it as well.

Open Source runtime tool which help to detect malware code execution and run time mis-configuration change on a kubernetes cluster

This is a repo is to upload files done during my research.

traffic control in pure go - it allows to read and alter queues, filters and classes

DNS Statistics Collector

Set of scripts to monitor PostgreSQL at low level using bcc

A BPF-based syscall fault injector

sniffer and parse zookeeper packet

You came here so you could have a base code to serve you as an example on how to develop a BPF application, compatible to BCC and/or LIBBPF, specially LIBBPF, having the userland part made in C or PYTHON.

Demos for Pixie: github.com/pixie-io/pixie

rvictl for Linux and Windows: capture packets sent/received by iOS devices

Ethereum p2p traffic analysis with eBPF

eBPF based always-on profiler auto-discovering targets in Kubernetes and systemd, zero code changes or restarts needed!

An XDP firewall that is capable of filtering specific packets based off of filtering rules specified in a config file. IPv6 is supported!

Netvisix visualizes the network packet flow between hosts

Cloud-native Runtime Security Enforcement System

ebpfkit is a rootkit powered by eBPF

A Linux Host-based Intrusion Detection System based on eBPF.

Draft of generic instrumentation tool based on QEMU using eBPF to implement trivial instrumentations with trivial code

Simple TCP service mocking tool for replaying https://www.wireshark.org and http://www.tcpdump.org captured service traffic

Rust bindings to libbpf from the Linux kernel

ARP spoofing, HTTP redirection, DNS spoofing and DNS forging using pcap library

.NET Wrapper for WinDivert

Elastic's eBPF

Aya is an eBPF library for the Rust programming language, built with a focus on developer experience and operability.

A minimal .NET binding over WinDivert

Redirection and filtering Source Engine game traffic in bundle with sqproxy

Kernel profiler based on perf_event and ebpf

Red Canary's eBPF Sensor

Sample usage of the new memfd_create(2) Linux system call.

Data first monitoring agent using (e)BPF, built on RedBPF

Cross-platform Packet Capture which supports Linux and macOS(BSD) in 1000 LOC without depending on libpcap.

CLI to install, manage & troubleshoot Kubernetes clusters running Cilium

eBPF program using kprobes to trace TCP events without run-time compilation dependencies

Instant Kubernetes-Native Application Observability

libsinsp, libscap, the kernel module driver, and the eBPF driver sources