Giters

mrtc0 / bouheki

bouheki is KRSI(eBPF+LSM) based Linux security auditing tool.

Home Page:https://mrtc0.github.io/bouheki

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

auditebpffirewalllinuxsecurity

bouheki: KRSI(eBPF+LSM) based Linux security auditing tool

bouheki is KRSI(eBPF+LSM) based Linux security auditing tool.
Security events can be audited and blocked based on the container of the process, and restrictions can be applied to container environments.

Features

  • Restriction rules based on process context, such as command name or UID and more
  • Restrictions limited to containers
  • Network Access Control
  • File Access Control
  • Restictions bind mounts from host filesystem to containers

Getting Started

https://mrtc0.github.io/bouheki

DEMO

asciicast

LICENSE

bouheki's userspace program is licensed under MIT License.
eBPF programs inside pkg/bpf directory are licensed under GNU General Public License version 2.

About

bouheki is KRSI(eBPF+LSM) based Linux security auditing tool.

https://mrtc0.github.io/bouheki

auditebpffirewalllinuxsecurity

License:MIT License

Languages

Language:C 96.7%Language:Go 3.2%Language:Makefile 0.1%Language:Dockerfile 0.0%