bouheki: KRSI(eBPF+LSM) based Linux security auditing tool

bouheki is KRSI(eBPF+LSM) based Linux security auditing tool.
Security events can be audited and blocked based on the container of the process, and restrictions can be applied to container environments.

Features

Restriction rules based on process context, such as command name or UID and more
Restrictions limited to containers
Network Access Control
File Access Control
Restictions bind mounts from host filesystem to containers

Getting Started

https://mrtc0.github.io/bouheki

DEMO

LICENSE

bouheki's userspace program is licensed under MIT License.
eBPF programs inside pkg/bpf directory are licensed under GNU General Public License version 2.

Name		Name	Last commit message	Last commit date
Latest commit History 248 Commits
.github		.github
cmd/bouheki		cmd/bouheki
config		config
docs		docs
libbpf @ 56794b3		libbpf @ 56794b3
pkg		pkg
testdata		testdata
.clang-format		.clang-format
.gitignore		.gitignore
.gitmodules		.gitmodules
.goreleaser.yml		.goreleaser.yml
.whitesource		.whitesource
CHANGELOG.md		CHANGELOG.md
Dockerfile		Dockerfile
INSTALL.md		INSTALL.md
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
TODO.md		TODO.md
Vagrantfile		Vagrantfile
go.mod		go.mod
go.sum		go.sum
mkdocs.yml		mkdocs.yml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

bouheki: KRSI(eBPF+LSM) based Linux security auditing tool

Features

Getting Started

DEMO

LICENSE

About

Releases 10

Sponsor this project

Packages

Contributors 3

Languages

License

mrtc0/bouheki

Folders and files

Latest commit

History

Repository files navigation

bouheki: KRSI(eBPF+LSM) based Linux security auditing tool

Features

Getting Started

DEMO

LICENSE

About

Topics

Resources

License

Security policy

Stars

Watchers

Forks

Releases 10

Sponsor this project

Packages 0

Contributors 3

Languages

Packages