APM, Application Performance Monitoring System

eBPF-based Networking, Security, and Observability

The container platform tailored for Kubernetes multi-cloud, datacenter, and edge management ⎈ 🖥 ☁️

Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.

High-level tracing language for Linux

Cloud native networking and network security

Cloud Native Runtime Security

ebpf-go is a pure-Go library to read, modify and load eBPF programs and attach them to various hooks in the Linux kernel.

PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, Npcap, WinPcap, DPDK, AF_XDP and PF_RING.

Web-based Traffic and Security Network Traffic Monitoring

Instant Kubernetes-Native Application Observability

Linux Runtime Security and Forensics using eBPF

An open source real-time network topology and protocols analyzer

Fast and Lightweight Observability Data Collector

eBPF Developer Tutorial: Learning eBPF Step by Step with Examples

eBPF-based Security Observability and Runtime Enforcement

A curated list of awesome projects related to eBPF.

Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).

bpf 学习仓库

Aya is an eBPF library for the Rust programming language, built with a focus on developer experience and operability.