Skip to content

Tuetuopay/catp-ebpf

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits

.cargo

.cargo

 
 

.vim

.vim

 
 

catp-ebpf

catp-ebpf

 
 

catp

catp

 
 

xtask

xtask

 
 

.gitignore

.gitignore

 
 

Cargo.toml

Cargo.toml

 
 

README.md

README.md

 
 

rustfmt.toml

rustfmt.toml

 
 

screenshot.png

screenshot.png

 
 

Repository files navigation

catp-ebpf

Print the output of a running process (or any of its open fd) like catp does, but using eBPF instead of ptrace.

Prerequisites

  1. Install a rust stable toolchain: rustup install stable
  2. Install a rust nightly toolchain: rustup install nightly
  3. Install bpf-linker: cargo install bpf-linker

Build eBPF

cargo xtask build-ebpf

Build Userspace

cargo build

Run

cargo xtask run -- -p <PID>

Examples

screenshot

About

Print the output of a running process using eBPF and Aya

Resources

Readme
Activity

Stars

7 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages