eBPF

  ecapture 是一款无需安装CA证书，即可抓取HTTPS、TLS等明文数据包的工具。也可以捕捉bash的命令，适用于安全审计场景。包括mysqld的数据审计等。

  High-level tracing language for Linux

翻译 - Linux eBPF的高级跟踪语言

  Cloud Native Runtime Security

翻译 - 云原生运行时安全

  ebpf-go is a pure-Go library to read, modify and load eBPF programs and attach them to various hooks in the Linux kernel.

翻译 - Go的eBPF库

  Cloud native networking and network security

翻译 - 云原生网络和网络安全

#计算机科学#  Instant Kubernetes-Native Application Observability

翻译 - Instant Kubernetes-Native Application Observability

  eBPF-based Security Observability and Runtime Enforcement

  Linux Runtime Security and Forensics using eBPF

翻译 - 使用eBPF进行容器和系统事件跟踪

  Hubble - Network, Service & Security Observability for Kubernetes using eBPF

翻译 - 哈勃-Kubernetes的网络，服务和安全性可观察性

  eBPF-based Linux high-performance transparent proxy solution.

  Distributed tracing without code changes. 🚀 Instantly monitor any application using OpenTelemetry and eBPF

  Packet, where are you? -- eBPF-based Linux kernel networking debugger

翻译 - 包子，你在哪里？ -- Linux内核网络调试器

  eBPF distributed networking observability tool for Kubernetes

  eBPF Developer Tutorial: Learning eBPF Step by Step with Examples

  Aya is an eBPF library for the Rust programming language, built with a focus on developer experience and operability.

  The production-scale datacenter profiler (C/C++, Go, Rust, Python, Java, NodeJS, .NET, PHP, Ruby, Perl, ...)

  Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF

  Instant K8s service dependency map, right to your Grafana.

  A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

  一个深挖 Linux 内核的新功能特性，以 io_uring, cgroup, ebpf, llvm 为代表，包含开源项目，代码案例，文章，视频，架构脑图等