
basic ebpf playground to work and play a little with it


hoomaac/bpfsec


  ____         __ _____           
 |  _ \       / _/ ____|          
 | |_) |_ __ | || (___   ___  ___ 
 |  _ <| '_ \|  _\___ \ / _ \/ __|
 | |_) | |_) | | ____) |  __/ (__ 
 |____/| .__/|_||_____/ \___|\___|
       | |                        
       |_|    

What is it about?

Bpfsec is a basic implementation based on eBPF and KRSI (Kernel Runtime Security Instrumentation). It currently uses the BPF LSM mechanism to monitor processes; blocking them is planned for the future (TODO).

Setup

Just run build.sh and it handles everything for you. There is also a Vagrantfile to simplify setting up the virtual machine: use vagrant up to create the machine, then vagrant ssh to log in to it and test bpfsec. Note: libbpf is a submodule of this project, so you don't need to build it from the kernel source directly.
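BPF LSM programs only attach when the kernel was built with CONFIG_BPF_LSM=y and "bpf" is in the active LSM list, so it is worth checking both inside the VM before testing. The following preflight check is an added example, not part of the bpfsec repository; the function name bpf_lsm_status is hypothetical, and the default paths assume securityfs is mounted at /sys/kernel/security and the distribution ships its kernel config under /boot.

```shell
#!/bin/sh
# Added example (not from the bpfsec repo): preflight check for BPF LSM / KRSI.
# Both paths are parameters so the check can also run against saved copies.

# Prints one status word and returns:
#   0  ready        - CONFIG_BPF_LSM=y and "bpf" is an active LSM
#   1  not-built    - kernel lacks CONFIG_BPF_LSM=y (needs a different kernel)
#   1  not-enabled  - built in, but "bpf" is missing from the active LSM list
#                     (add it to the lsm= boot parameter and reboot)
#   2  *-unreadable - an input file could not be read
bpf_lsm_status() {
    lsm_file=${1:-/sys/kernel/security/lsm}
    config_file=${2:-/boot/config-$(uname -r)}

    [ -r "$config_file" ] || { echo "config-unreadable"; return 2; }
    [ -r "$lsm_file" ] || { echo "lsm-list-unreadable"; return 2; }

    # Exact-line match: "# CONFIG_BPF_LSM is not set" must not count.
    grep -qx 'CONFIG_BPF_LSM=y' "$config_file" ||
        { echo "not-built"; return 1; }

    # The LSM list is comma-separated on one line; split it so that only
    # an entry that is exactly "bpf" matches.
    tr ',' '\n' < "$lsm_file" | grep -qx 'bpf' ||
        { echo "not-enabled"; return 1; }

    echo "ready"
}
```

Called with no arguments, bpf_lsm_status checks the running kernel; a result of not-enabled means LSM hooks from a BPF program will not fire until "bpf" is added to the boot-time LSM list.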

Knowledge Sharing

There are multiple helpful websites and resources that are listed below:
