Show HN: eBPF Based Unlimited Hotspot for Android Article URL: https://github.com/i64/ebpf-stuff/tree/main/android/ttl_increment Comments URL: https://news.ycombinator.com/item?id=45931705 Points: 3 # Comments: 2
Interest | Match | Feed
Interest | Match | Feed
Origin
github.com
November 15, 2025 at 1:32 AM
Show HN: eBPF Based Unlimited Hotspot for Android Article URL: https://github.com/i64/ebpf-stuff/tree/main/android/ttl_increment Comments URL: https://news.ycombinator.com/item?id=45931705 Points: ...
Origin | Interest | Match
Origin | Interest | Match
ebpf-stuff/android/ttl_increment at main · i64/ebpf-stuff
Contribute to i64/ebpf-stuff development by creating an account on GitHub.
github.com
November 15, 2025 at 1:34 AM
eBPF-based tool for debugging network connectivity issues
November 12, 2025 at 5:11 AM
eBPF-based tool for debugging network connectivity issues
eBPF was never meant to replace the kernel. It was meant to make extending it safe. And that’s exactly why the industry is moving away from custom modules and toward eBPF-based extensions because they're portable, secure, and deployable.
November 7, 2025 at 10:01 AM
eBPF was never meant to replace the kernel. It was meant to make extending it safe. And that’s exactly why the industry is moving away from custom modules and toward eBPF-based extensions because they're portable, secure, and deployable.
This article presents Shared Socket, an eBPF-based method that bypasses much of the networking stack to enable fast TCP messaging between pods on the same node using sockmaps and kernel-level redirects
➜ https://ku.bz/xyvZYYGzf
➜ https://ku.bz/xyvZYYGzf
November 5, 2025 at 2:41 PM
This article presents Shared Socket, an eBPF-based method that bypasses much of the networking stack to enable fast TCP messaging between pods on the same node using sockmaps and kernel-level redirects
➜ https://ku.bz/xyvZYYGzf
➜ https://ku.bz/xyvZYYGzf
🐝 New blog post at skyblue.team/posts/unsafe...
At Airbus CERT, we worked on the sudo CVE-2025-32463 to create detection and hunting rules.
Based on the underlying vulnerability, we developed an eBPF based tool to monitor unsafe chroot behavior regarding NSS reloading.
github.com/airbus-cert/...
At Airbus CERT, we worked on the sudo CVE-2025-32463 to create detection and hunting rules.
Based on the underlying vulnerability, we developed an eBPF based tool to monitor unsafe chroot behavior regarding NSS reloading.
github.com/airbus-cert/...
Analyzing the unsafe chroot behavior of sudo CVE-2025-32463 | Sky Blueteam
A story of a bee, a sandwich and a crab
skyblue.team
November 4, 2025 at 3:28 PM
🐝 New blog post at skyblue.team/posts/unsafe...
At Airbus CERT, we worked on the sudo CVE-2025-32463 to create detection and hunting rules.
Based on the underlying vulnerability, we developed an eBPF based tool to monitor unsafe chroot behavior regarding NSS reloading.
github.com/airbus-cert/...
At Airbus CERT, we worked on the sudo CVE-2025-32463 to create detection and hunting rules.
Based on the underlying vulnerability, we developed an eBPF based tool to monitor unsafe chroot behavior regarding NSS reloading.
github.com/airbus-cert/...
Cilium provides high-performance, eBPF-based Kubernetes networking with identity-aware policies, built-in sidecar-free mTLS, observability via Hubble, and fine-grained zero-trust controls.
Save What Matters
Curate Feeds | Make Collections | Customize Email Briefs
briefly.co
November 2, 2025 at 4:47 AM
Cilium provides high-performance, eBPF-based Kubernetes networking with identity-aware policies, built-in sidecar-free mTLS, observability via Hubble, and fine-grained zero-trust controls.
Learn about #OpenTelemetry 's new #eBPF based agent that offers no-code instrumentation and observability
👉 horovits.medium.com/unveiling-op...
@grafana.bsky.social
👉 horovits.medium.com/unveiling-op...
@grafana.bsky.social
Unveiling OpenTelemetry eBPF Instrumentation
New open source automatic instrumentation in OTel in Java, .NET, Go, Python, Ruby, Node.js, C, C++, and Rust, with Grafana Beyla donation
horovits.medium.com
November 1, 2025 at 5:32 PM
Learn about #OpenTelemetry 's new #eBPF based agent that offers no-code instrumentation and observability
👉 horovits.medium.com/unveiling-op...
@grafana.bsky.social
👉 horovits.medium.com/unveiling-op...
@grafana.bsky.social
A general-purpose protocol stack analysis and debugging tool based on eBPF
GitHub - Internet-Architecture-and-Security/PacketScope: 🎯 A general-purpose protocol stack analysis and debugging tool based on eBPF 🧰 👉👉👉快速体验:http://82.156.141.213:4173/
🎯 A general-purpose protocol stack analysis and debugging tool based on eBPF 🧰 👉👉👉快速体验:http://82.156.141.213:4173/ - Internet-Architecture-and-Security/PacketScope
github.com
October 31, 2025 at 2:06 PM
A general-purpose protocol stack analysis and debugging tool based on eBPF
The next eBPF observability product launch 🐝 This time in the telco space ☎️ Would anyone launch a new observability solution that isn't based on eBPF today?
NETSCOUT (NASDAQ: NTCT) debuts KlearSight for Kubernetes, packet-level visibility
KlearSight uses eBPF in Linux kernel to capture Kubernetes and SSL traffic after decryption, converting to standard IT data for app-layer visibility and cost insight.
www.stocktitan.net
October 31, 2025 at 11:02 AM
The next eBPF observability product launch 🐝 This time in the telco space ☎️ Would anyone launch a new observability solution that isn't based on eBPF today?
A blog post from last year, which I never posted here —
Bytecode VMs in surprising places
→ dubroy.com/blog/bytecod...
Bytecode VMs in surprising places
→ dubroy.com/blog/bytecod...
October 29, 2025 at 7:19 AM
A blog post from last year, which I never posted here —
Bytecode VMs in surprising places
→ dubroy.com/blog/bytecod...
Bytecode VMs in surprising places
→ dubroy.com/blog/bytecod...
#OpenTelemetry 's got a new #eBPF based agent that extracts basic R.E.D. metrics out of your application's services without any code change!
Check out the latest @openobservability.bsky.social episode for a deep dive with the creator:
👉 horovits.medium.com/unveiling-op...
@grafana.bsky.social
Check out the latest @openobservability.bsky.social episode for a deep dive with the creator:
👉 horovits.medium.com/unveiling-op...
@grafana.bsky.social
October 27, 2025 at 10:01 AM
#OpenTelemetry 's got a new #eBPF based agent that extracts basic R.E.D. metrics out of your application's services without any code change!
Check out the latest @openobservability.bsky.social episode for a deep dive with the creator:
👉 horovits.medium.com/unveiling-op...
@grafana.bsky.social
Check out the latest @openobservability.bsky.social episode for a deep dive with the creator:
👉 horovits.medium.com/unveiling-op...
@grafana.bsky.social
🚀 Tetragon: Secure your Kubernetes workloads with real-time eBPF-based enforcement! Detect and react to security events, hook into kernel functions, and enforce policies in real-time. @rawkode.dev 🛡️
Restrict Access to Secure Files with Tetragon
Watch on the Rawkode Academy
rawkode.academy
October 25, 2025 at 10:01 AM
🚀 Tetragon: Secure your Kubernetes workloads with real-time eBPF-based enforcement! Detect and react to security events, hook into kernel functions, and enforce policies in real-time. @rawkode.dev 🛡️
A modern ReactFlow-based canvas for building eBPF programs visually. Drag and drop BPF 🐝
GitHub - qweralfredo/ebpf-design: eBPF made simple - 🤓 Learn or Die 💀
eBPF made simple - 🤓 Learn or Die 💀. Contribute to qweralfredo/ebpf-design development by creating an account on GitHub.
github.com
October 24, 2025 at 11:02 AM
A modern ReactFlow-based canvas for building eBPF programs visually. Drag and drop BPF 🐝
Nice! Looks like the system-wide task sampling is done by reading /proc/PID/task/TID/* files, like my Python-based "psn" tool is doing:
tanelpoder.com/psnapper/
(I'll launch my eBPF-based thread sampler that goes much deeper at P99CONF on this Thursday!)
www.p99conf.io
tanelpoder.com/psnapper/
(I'll launch my eBPF-based thread sampler that goes much deeper at P99CONF on this Thursday!)
www.p99conf.io
Linux Process Snapper - Tanel Poder Consulting
Linux Process Snapper (pSnapper, psn) is part of my open source 0x.tools suite of tools for Linux performance troubleshooting and always-on profiling of production systems.
pSnapper is a Linux /proc p...
tanelpoder.com
October 22, 2025 at 5:57 AM
Nice! Looks like the system-wide task sampling is done by reading /proc/PID/task/TID/* files, like my Python-based "psn" tool is doing:
tanelpoder.com/psnapper/
(I'll launch my eBPF-based thread sampler that goes much deeper at P99CONF on this Thursday!)
www.p99conf.io
tanelpoder.com/psnapper/
(I'll launch my eBPF-based thread sampler that goes much deeper at P99CONF on this Thursday!)
www.p99conf.io
🚀 Tetragon: Secure your Kubernetes workloads with real-time eBPF-based enforcement! Restrict access, monitor processes, and enforce policies directly in the kernel. @rawkode.dev
Restrict Access to Secure Files with Tetragon
Watch on the Rawkode Academy
rawkode.academy
October 19, 2025 at 10:00 AM
🚀 Tetragon: Secure your Kubernetes workloads with real-time eBPF-based enforcement! Restrict access, monitor processes, and enforce policies directly in the kernel. @rawkode.dev
Blixt is an early-stage, sandbox-only Layer 4 load balancer project written in Rust
It integrates eBPF via Aya and manages routing logic via Kube-RS
It supports Gateway API objects like TCPRoute and UDPRoute, with KIND-based local testing only
➤ https://ku.bz/1cZxMK7Ck
It integrates eBPF via Aya and manages routing logic via Kube-RS
It supports Gateway API objects like TCPRoute and UDPRoute, with KIND-based local testing only
➤ https://ku.bz/1cZxMK7Ck
October 18, 2025 at 6:06 PM
Blixt is an early-stage, sandbox-only Layer 4 load balancer project written in Rust
It integrates eBPF via Aya and manages routing logic via Kube-RS
It supports Gateway API objects like TCPRoute and UDPRoute, with KIND-based local testing only
➤ https://ku.bz/1cZxMK7Ck
It integrates eBPF via Aya and manages routing logic via Kube-RS
It supports Gateway API objects like TCPRoute and UDPRoute, with KIND-based local testing only
➤ https://ku.bz/1cZxMK7Ck
LinkPro: An eBPF-Based Rootkit Hiding Malicious Activity on GNU/Linux https://gbhackers.com/linkpro-an-ebpf-based-rootkit/
October 18, 2025 at 10:47 AM
LinkPro: An eBPF-Based Rootkit Hiding Malicious Activity on GNU/Linux https://gbhackers.com/linkpro-an-ebpf-based-rootkit/
Observability shouldn’t be an afterthought.
Grafana Labs’ Nikola Grcevski shares how the OpenTelemetry eBPF-based Instrumentation project is making it automatic & built in.
Read more via @thenewstack.io.
🔗 https://thenewstack.io/how-ebpf-is-powering-the-next-generation-of-observability/
Grafana Labs’ Nikola Grcevski shares how the OpenTelemetry eBPF-based Instrumentation project is making it automatic & built in.
Read more via @thenewstack.io.
🔗 https://thenewstack.io/how-ebpf-is-powering-the-next-generation-of-observability/
How eBPF Is Powering the Next Generation of Observability
Learn how OTel project OBI is redefining how observability fits into developer workflows and platform engineering strategies.
thenewstack.io
October 17, 2025 at 1:00 PM
Observability shouldn’t be an afterthought.
Grafana Labs’ Nikola Grcevski shares how the OpenTelemetry eBPF-based Instrumentation project is making it automatic & built in.
Read more via @thenewstack.io.
🔗 https://thenewstack.io/how-ebpf-is-powering-the-next-generation-of-observability/
Grafana Labs’ Nikola Grcevski shares how the OpenTelemetry eBPF-based Instrumentation project is making it automatic & built in.
Read more via @thenewstack.io.
🔗 https://thenewstack.io/how-ebpf-is-powering-the-next-generation-of-observability/
Don't miss tomorrow's eCHO livestream, where @mauilion.dev will demo how easy #Tetragon is to set up and install on Linux servers for #eBPF-based security, observability, and runtime enforcement.
eBPF & Cilium Office Hours
📆 Friday, October 17, 11am PT / 2pm ET
🎥 Livestream: lnkd.in/eyWfjhUx
eBPF & Cilium Office Hours
📆 Friday, October 17, 11am PT / 2pm ET
🎥 Livestream: lnkd.in/eyWfjhUx
October 16, 2025 at 5:03 PM
Don't miss tomorrow's eCHO livestream, where @mauilion.dev will demo how easy #Tetragon is to set up and install on Linux servers for #eBPF-based security, observability, and runtime enforcement.
eBPF & Cilium Office Hours
📆 Friday, October 17, 11am PT / 2pm ET
🎥 Livestream: lnkd.in/eyWfjhUx
eBPF & Cilium Office Hours
📆 Friday, October 17, 11am PT / 2pm ET
🎥 Livestream: lnkd.in/eyWfjhUx
Join #CiliumCon to learn about how SeatGeek migrated hundreds of microservices to Cilium Mesh in just 3 months!
Andrew Timmes will share takeaways from building an #eBPF and #Cilium-based networking stack you can apply to your own implementation.
🔗 colocatedeventsna2025.sched.com/event/28D0I/...
Andrew Timmes will share takeaways from building an #eBPF and #Cilium-based networking stack you can apply to your own implementation.
🔗 colocatedeventsna2025.sched.com/event/28D0I/...
October 16, 2025 at 3:02 PM
Join #CiliumCon to learn about how SeatGeek migrated hundreds of microservices to Cilium Mesh in just 3 months!
Andrew Timmes will share takeaways from building an #eBPF and #Cilium-based networking stack you can apply to your own implementation.
🔗 colocatedeventsna2025.sched.com/event/28D0I/...
Andrew Timmes will share takeaways from building an #eBPF and #Cilium-based networking stack you can apply to your own implementation.
🔗 colocatedeventsna2025.sched.com/event/28D0I/...
Researchers uncovered "LinkPro," a Golang-based Linux rootkit that uses eBPF to hide processes and activate remotely via a secret “magic packet.” It spread through a malicious Docker im...
Origin | Interest | Match
Origin | Interest | Match
The Hacker News
⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking. 📨 Contact: [email protected] 🌐 Website: https://thehackernews.com
t.me
October 16, 2025 at 4:15 PM
Synacktiv looks at LinkPro, a new Linux eBPF-based rootkit it found deployed on a customer's hacked AWS infrastructure https://www. synacktiv.com/en/publications/ linkpro-ebpf-rootkit-analysis
Interest | Match | Feed
Interest | Match | Feed
Origin
mastodon.social
October 14, 2025 at 7:38 PM
Synacktiv looks at LinkPro, a new Linux eBPF-based rootkit it found deployed on a customer's hacked AWS infrastructure
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
October 14, 2025 at 7:37 PM
Synacktiv looks at LinkPro, a new Linux eBPF-based rootkit it found deployed on a customer's hacked AWS infrastructure
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
LinkPro: new stealthy #Linux rootkit based on eBPF 🔍️
Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence.
Here are the four key technical points in the image below. 💡
🔗 www.synacktiv.com/en/publicati...
Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence.
Here are the four key technical points in the image below. 💡
🔗 www.synacktiv.com/en/publicati...
October 14, 2025 at 2:33 PM
LinkPro: new stealthy #Linux rootkit based on eBPF 🔍️
Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence.
Here are the four key technical points in the image below. 💡
🔗 www.synacktiv.com/en/publicati...
Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence.
Here are the four key technical points in the image below. 💡
🔗 www.synacktiv.com/en/publicati...