Hades
Hades copied to clipboard

Published 20 hours ago •

→

Metadata

Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)

Reame
Issues

Results 9 Hades issues

Sort by recently updated

[Feature] arm64 support

1

comment

**Is your feature request related to a problem? Please describe.** Nope **Describe the solution you'd like** compatible vmlinux.h or generate it. **Describe alternatives you've considered** None **Additional context** Git actions...

enhancement

[Feature] Add test-case

**Is your feature request related to a problem? Please describe.** Nope **Describe the solution you'd like** Test-case for every event and add these into CI/CD **Describe alternatives you've considered** **Additional...

enhancement

use Ringbuf as default map over kernel version 5.8

use Ringbuf as default map over kernel version 5.8. Since ringbuf get better performance and ordered the msgs

enhancement

Ordered msgs in perf_event

Ordered msgs in perf_event, add a function to sort the msgs in time order, so that a ppid_argv (parent pid argv) can be done properly

enhancement

[BUG] Dport incorrect in CO-RE

**Describe the bug** dport always 512 in Centos 8(CORE) **Environment** - OS Information: 4.18.0-348.7.1.el8_5.x86_64 **To Reproduce** reverse shell **Expected behavior** port just like we use in the command

[Feature] Extract process information by hooking tcp/udp sendmsg

[Feature] Make collector support windows

Let the plugin collector support windows

[Feature] Close the probe if limit hitted

In some situation, udp-related syscall is called very frequently. The kprobe itself may become the limitation of the performace. Let the ebpfmanager unload the probe.

enhancement

[Feature] Easy install by curl and bash

ATT

← Metadata

277

Stars

48

Forks

Watchers

Owner

Metadata

Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)