eBPF-based Networking, Security, and Observability

Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.

the LIBpcap interface to various kernel packet capture mechanism

the TCPdump network dissector

A curated list of awesome projects related to eBPF.

Prometheus exporter for custom eBPF metrics

Library to work with eBPF programs from Go

XDP tutorial

The main libseccomp repository

Framework for running BPF programs with rules on Linux as a daemon. Container aware.

Rust virtual machine and JIT compiler for eBPF programs

Automated upstream mirror for libbpf stand-alone build.

NPF: packet filter with stateful inspection, NAT, IP sets, etc.

The libseccomp golang bindings repository

XDP project collaboration through a git-repo

A tool to list and diagnose bpf programs. (Who watches the watchers..? :)

Tetris in bpftrace

traffic control in pure go - it allows to read and alter queues, filters and classes

Layer 4 Single Packet Authentication Linux kernel module utilizing Netfilter hooks and kernel supported Berkeley Packet Filters (BPF)

ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.

ebpf.io Website

Velocity SJC 2019 - DDoS mitigation made easy with XDP and eBPF

tiny cross-platform socket API library

BPF Processor for IDA Python

Generic tool to inspect BPF maps

Convert network filtering rules from various formats into BPF programs

Just-in-Time compilation of bpf