eBPF-based Networking, Security, and Observability

Linux Runtime Security and Forensics using eBPF

Prometheus exporter for custom eBPF metrics

Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (LSM-BPF, AppArmor).

Schedule bpftrace programs on your kubernetes cluster using the kubectl

Library to work with eBPF programs from Go

eBPF library for Go. Powered by libbpf.

eBPF (extended Berkeley Packet Filter) Guide. Learn all about the eBPF Tools and Libraries for Security, Monitoring , and Networking.

traffic control in pure go - it allows to read and alter queues, filters and classes

vArmor is a cloud-native container hardening system that leverages AppArmor/BPF/Seccomp and network proxy technologies to enforce access control from system calls to application protocols — protecting workloads including AI Agents.

Framework for running BPF programs with rules on Linux as a daemon. Container aware.

Write your BPF programs in Go, not C. gobee transpiles a Go subset to BPF C and generates typed cilium/ebpf bindings.

📺 Automatically capture all potentially useful information about each executed command (as well as its output) and get powerful querying mechanism

The libseccomp golang bindings repository

eBPF based TCP observability.

Now moved into `github.com/inspektor-gadget/inspektor-gadget/pkg/gadget-collection/gadgets/traceloop`. Tracing system calls in cgroups using BPF and overwritable ring buffers

Modernized kernel functions, kernel tracepoints and bpf progs tracing tool for the bpf era.

Go bindings for iptables, ebtables and arptables, which provide numerous features, extensions and more.

A toy tool that leverages the super powers of XDP to bring in-kernel IP filtering

eBPF/XDP packet filtering for Linux.