Fox Ear is a Linux process behavior trace tool powered by eBPF

Fox Ear

Fox Ear is a Linux process behavior trace tool powered by eBPF.

Banner image by Birger Strahl on Unsplash.

Features

  • Log the creation of a process and its subprocesses, and build a graph from it.
  • Log processes' file access.
  • Log processes' TCP connections (IPv4 and IPv6).

Documents

License

Fox Ear is available under the MPL-2.0 license. You can read an explanation about it, but only the full text of MPL-2.0 has legal effect.

Fox Ear uses parts of the following projects:

  • Probes - bcc (Apache-2.0)
Comments
  • Should use join/try_join to wait for two tasks to complete concurrently

    https://github.com/KernelErr/foxear/blob/0b2e396c513be31fec0eb68f9cebf17791b1f145/src/server.rs#L21

    This line should use join or try_join to run the futures concurrently.

    opened by pymongo 1
  • Request a more complete installation readme

    I tried installing on 20.04 and 22.04 without too many problems and solved the dependency issues along the way. However, after the installation is complete, I can't monitor the program properly: it runs normally but no action is monitored. I don't know what's wrong, so I'm asking for a complete installation process for troubleshooting.

    Nothing here.

    opened by TeachMeJavaTonight 3
Owner
Rui Li
At least, we are free when we create things.