We’re proud to announce that Trapmine’s eBPF-based sensor for monitoring security relevant events on Linux system is now available as open source under the GPLv2 license at https://github.com/trapmine/trapmine-linux-sensor
The sensor collects information from various sources inside the linux kernel, with particular focus on events which can be used to perform security detection and prevention. The sensor may be used to build a system for detecting process infections, reverse shells, fileless executions, kernel exploits, many other attack vectors.
We’re trying to contribute to open source and cyber security community to develop better products to make a safer cyber world together!