kprobes

High-level tracing language for Linux

By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.

Tool tracing syscalls in a fast way using eBPF linux kernel feature

TC, XDP, KProbe and CGroup eBPF based simple Ethernet interface traffic monitor and reporting tool

🔬 eBPF / libbpf bindings for Node.js

🔬 BPF Compiler Collection (BCC) frontend for Node.js

eBPF Tools - Tool for monitoring, performance benchmarking and tracing linux kernel

This repository contains a tool which traces syscalls in a fast way using eBPF linux kernel feature

使用kprobe获取sys_execve参数

Author of Project Adrishya a rootkit which use ftrace mechanism to hook syscall; (write this because God commanded me); work for both x86_64 and arm; CREDIT-(Oleksii Lozovskyi{ilammy})FOUNDER OF FTRACE HOOKING

Tool tracing syscalls in a fast way using eBPF linux kernel feature

Short demo of Linux kernel hooks with kprobes.

Misc BCC BPF Scripts

CS-550-Operating Systems - Spring 2020

Named After the Scottish loch, Lomond is a simple example on how to use kprobes in an LKM for learning purposes and gainning a deeper understanding of the Linux kernel.

Examples of C++ programs that generates BPF bytecodes

Monitor a Qdisc using a kernel probe

A Linux kernel module that replaces a specific display's EDID

Linux kernel module to trace and restrict access to system calls for specific processes

Source code for my personal portfolio and blog website. Features responsive design, dark mode, and a Markdown-powered blog.