eBPF topic
eBPF is a technology that can run sandboxed programs in a privileged context such as the operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel at runtime without requiring to change kernel source code or load kernel modules.
exectrace
Simple eBPF-based exec snooping on Linux packaged as a Go library.
goxdp-template
A sample for writing XDP programs in Go
awesome-ebpf
A curated list of awesome projects related to eBPF.
bitcoind-observer
EXPERIMENTAL: Bitcoin Core Prometheus exporter based on User-Space, Statically Defined Tracing and eBPF.
ebpf_exporter
A Prometheus exporter which uses eBPF to measure block IO request latency / size
OpenCSD
OpenCSD: eBPF Computational Storage Device (CSD) for Zoned Namespace (ZNS) SSDs in QEMU
pixie
Instant Kubernetes-Native Application Observability
ecapture
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
skywalking
APM, Application Performance Monitoring System
cilium
eBPF-based Networking, Security, and Observability