kubeshark
ecapture
kubeshark | ecapture | |
---|---|---|
16 | 9 | |
10,562 | 8,173 | |
0.9% | 1.4% | |
9.4 | 9.2 | |
7 days ago | 8 days ago | |
Go | C | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kubeshark
-
Show HN: Alaz: Open-Source, Self-Hosted, eBPF-Based K8s Monitoring
The one similar product I had come across is Kubeshark (https://github.com/kubeshark/kubeshark). But admittedly the eBPF way seems more performant theoretically (given you can afford to have a modern-enough kernel). I'm really excited to see how this project develops out.
The eBPF-mode of innovation is pretty exciting, truly a fresh lens to building software. I'm also following Akita Software - the company building an eBPF paradigm of monitoring.
-
Top open source security devtools you need to know about
GitHub: https://github.com/kubeshark/kubeshark Website: https://kubeshark.co/
-
Can't make kubeshark work
Can you send us the logs using: `kubeshark logs` (you can also use the issues page or slack)
-
Diagnosing high Cloud NAT usage for a CI cluster
Yes there are, but Cloud NAT alone won't be able to help you with that. You can either use a standalone proxy or a 3rd party firewall appliance through which you can route your traffic, or use more modern approaches with tools such as Kubeshark or Cillium.
-
Monitoring service network traffic
https://github.com/kubeshark/kubeshark - somewhat like Wireshark for Kubernetes. LMK if you have any questions
-
Tips on enumerating unknown APIs in my environment?
For example, this open-source project gives instant visibility into API traffic in kubernetes environments: https://github.com/kubeshark/kubeshark
-
Kubeshark PCAP Export
Check out the GitHub repository: https://github.com/kubeshark/kubeshark
- Kubeshark: The API Traffic Viewer for Kubernetes
ecapture
- Capture SSL/TLS text content without CA cert using eBPF. supports Linux/Android x86_64/Aarch64.
-
eCapture: capture HTTPS traffic without CA certificates on Android/Linux using Golang.
The answer is YES. eCapture for Android can help you capture HTTPS packets on Android without the trivial settings. and also support Linux Kernel.
-
Go based eBPF projects
eCapture : Capture SSL/TLS text content without CA certificate Using eBPF
-
Kubeshark: The API Traffic Viewer for Kubernetes
One option is to use ebpf uprobes to dump the key material or plaintext (https://github.com/ehids/ecapture ). Should be easy for c-like TLS libraries probably less useful for JIT languages.
-
Can eBPF be used to measure and trace http 502 504
Other standalone project it https://github.com/ehids/ecapture which might be helpful
- ecapture: capture SSL/TLS text content without CA cert using eBPF.
- Ecapture: Capture and Decode TLS with eBPF
- Capture SSL/TLS text content without CA cert by eBPF
What are some alternatives?
kui - A hybrid command-line/UI development experience for cloud-native development
ssldump - ssldump - (de-facto repository gathering patches around the cyberspace)
ksniff - Kubectl plugin to ease sniffing on kubernetes pods using tcpdump and wireshark
sslsplit - Transparent SSL/TLS interception
cli - Snyk CLI scans and monitors your projects for security vulnerabilities.
merecat - Small and made-easy HTTP/HTTPS server based on Jef Poskanzer's thttpd
kwok - Kubernetes WithOut Kubelet - Simulates thousands of Nodes and Clusters.
wolfssl - The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3!
fake-k8s - [Moved to https://github.com/kubernetes-sigs/kwok] fake-k8s is a tool for running Fake Kubernetes clusters, It can be used as an alternative to Kind in some scenarios where you donโt need to actually run the Pod
golang-tls - Simple Golang HTTPS/TLS Examples
alaz - Alaz: Advanced eBPF Agent for Kubernetes Observability โ Effortlessly monitor K8s service interactions and performance metrics in your K8s environment. Gain in-depth insights with service maps, metrics, distributed tracing, and more, while staying alert to crucial system anomalies ๐
ssl-handshake - A command-line tool for testing SSL/TLS handshake latency, written in Go.