104 Open source projects that are alternatives of or similar to Tracee

High-level tracing language for Linux eBPF

bpflock - eBPF driven security for locking and auditing Linux machines

Library to work with eBPF programs from Go

Framework for running BPF programs with rules on Linux as a daemon. Container aware.

A BPF-based syscall fault injector

Ethereum p2p traffic analysis with eBPF

A toy tool that leverages the super powers of XDP to bring in-kernel IP filtering

Minimal and opinionated eBPF tooling for the Rust ecosystem

Rust virtual machine and JIT compiler for eBPF programs

Prometheus exporter for custom eBPF metrics

Experiemental userspace eBPF library

Rust bindings to libbpf from the Linux kernel

An XDP firewall that is capable of filtering specific packets based off of filtering rules specified in a config file. IPv6 is supported!

traffic control in pure go - it allows to read and alter queues, filters and classes

You came here so you could have a base code to serve you as an example on how to develop a BPF application, compatible to BCC and/or LIBBPF, specially LIBBPF, having the userland part made in C or PYTHON.

ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.

Cloud-native Runtime Security Enforcement System

Packet, where are you? -- Linux kernel networking debugger

lightweight cross-platform networking toolkit

eBPF-based Networking, Security, and Observability

eBPF package for Go

Schedule bpftrace programs on your kubernetes cluster using the kubectl

eBPF based TCP observability.

XDP project collaboration through a git-repo

eBPF/XDP-based software framework for fast network services running in the Linux kernel.

A curated list of awesome projects related to eBPF.

RPM specs for building bpf related tools on CentOS 7

Aya is an eBPF library for the Rust programming language, built with a focus on developer experience and operability.

Tool for Preventing Data Exfiltration with eBPF

libsinsp, libscap, the kernel module driver, and the eBPF driver sources

一个深挖 Linux 内核的新功能特性，以 io_uring, cgroup, ebpf, llvm 为代表，包含开源项目，代码案例，文章，视频，架构脑图等

uprobe-based HTTP tracer for Go binaries

No description or website provided.

Just-in-Time compilation of bpf

LMP is a supermarket

Instant Kubernetes-Native Application Observability

OCaml embedded eBPF assembler

IOVisor OVN integration

BTFHub, together with BTFHub Archive repository, provides BTF files for existing published kernels that don't support embedded BTF.

Cloud Native Runtime Security

Layer 4 Single Packet Authentication Linux kernel module utilizing Netfilter hooks and kernel supported Berkeley Packet Filters (BPF)

[Deplicated] Now we have more sophisticated (and compact) implementation in ipftrace2 repository. Please check it as well.

No description or website provided.

Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.

Automated upstream mirror for libbpf stand-alone build.

Redirection and filtering Source Engine game traffic in bundle with sqproxy

Linux Application Firewall

Red Canary's eBPF Sensor

Dump unix domain socket traffic with bpf

CLI to install, manage & troubleshoot Kubernetes clusters running Cilium

tcpslice concatenates multiple pcap files together, or extracts time slices from one or more pcap files.

Use eBPF to speed up your Service Mesh like crossing an Einstein-Rosen Bridge.

BPF Processor for IDA Python

A Linux Host-based Intrusion Detection System based on eBPF.

eBPF Processor for Ghidra

The main libseccomp repository

Performance visualisation tools

Instant Kubernetes-Native Application Observability

Remix for Solana.

Observability & Troubleshooting for Kubernetes Services