exectrace
exectrace copied to clipboard

coder

→

Metadata

Simple eBPF-based exec snooping on Linux packaged as a Go library.

Reame
Issues

Results 2 exectrace issues

Sort by recently updated

chore: add VM testing matrix

1

- Add testing script `vm_test.sh ` which creates an Ubuntu 20.04 on the requested arch, installs the requested kernel, reboots, and runs go tests - Add github workflow for running...

deansheather

Kernel < 5.8 support

Right now, exectrace uses `BPF_MAP_TYPE_RINGBUF` which is only supported in Linux kernel 5.8+. To support older kernels, we would need to reimplement the output method to use a perf map...

deansheather

About

Simple eBPF-based exec snooping on Linux packaged as a Go library.

linux

ebpf

exec

execsnoop

21

Stars

2

Forks

Watchers

Owner

coder

← Metadata

21

Stars

2

Forks

Watchers

Owner

coder

Metadata

Simple eBPF-based exec snooping on Linux packaged as a Go library.

Back

exectrace exectrace copied to clipboard

Metadata

chore: add VM testing matrix

Kernel < 5.8 support

← Metadata

Owner

Metadata

exectrace
exectrace copied to clipboard