eBPF topic

eBPF is a technology that can run sandboxed programs in a privileged context such as the operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel at runtime without requiring changes to kernel source code or the loading of kernel modules.

List eBPF repositories

ilogtail

1.6k Stars, 349 Forks

Fast and Lightweight Observability Data Collector

eBPF-Guide

478 Stars, 42 Forks

eBPF (extended Berkeley Packet Filter) Guide. Learn all about the eBPF Tools and Libraries for Security, Monitoring, and Networking.

surftrace

350 Stars, 60 Forks

surftrace is a tool that allows you to surf the Linux kernel

lockc

228 Stars, 20 Forks

Making containers more secure with eBPF and Linux Security Modules (LSM)

libs

207 Stars, 156 Forks

libsinsp, libscap, the kernel module driver, and the eBPF driver sources

bpf-examples

380 Stars, 76 Forks

Making eBPF programming easier via build env and examples

bpflock

135 Stars, 13 Forks

bpflock - eBPF driven security for locking and auditing Linux machines

tcptracer-bpf

404 Stars, 63 Forks

eBPF program using kprobes to trace TCP events without run-time compilation dependencies

tcpdog

249 Stars, 22 Forks

eBPF based TCP observability.

deepflow

2.4k Stars, 267 Forks

Zero-code distributed tracing and profiling, observability via eBPF