Stefano Bonicatti

over 4 years ago

My last BPF article has a new home! In case you missed it, it's a handy introduction on programmatically generating tracers at runtime using the LLVM libraries. Be sure to check out the companion code too: https://t.co/Ft5bBN0ckb https://t.co/A51FPwQsBR

0

2

1

0

Smjert retweeted

over 5 years ago

Here's a new ebpfpub example to trace bash events with #eBPF using C++ and the LLVM libraries: https://t.co/1epOzmf9fw https://t.co/wHkrBQcj5p

0

5

3

0

Smjert retweeted

Working on @diceofarcana and @retro_gadgets (w/ @grammogatto) Creators of #SyderArcade @SCMZ_EN and #SyderReloaded. Indie games, VR and other evil deeds. 😈

over 5 years ago

Ever wanted to dynamically codegen and load your #bpf programs from C++ with nothing except #llvm? Take a look at this example we have released! https://t.co/ROzv0I526l

0

14

5

1

0

Who to follow

Studio Evil

@STUDIOEVIL

Danny Calleri

@dannycalleri

Software engineer, drummer.

PROFENIX STUDIO

@ProfenixStaff

I make games the hard way: solo, from scratch, with my own engine. S2Engine is my way of building worlds exactly as I imagine them.

Smjert retweeted

almost 6 years ago

I've added a new execsnoop example to our #eBPF based function tracing library! 😀 https://t.co/tDgc8xXvRn

0

3

1

0

Smjert retweeted

almost 6 years ago

Inspired by the Linux version of #ProcMon, I wrote a new SocketMonitor example for the ebpfpub library from @trailofbits! You can find it here: https://t.co/XxJIIBvjYS

alessandrogario's tweet photo. Inspired by the Linux version of #ProcMon, I wrote a new SocketMonitor example for the ebpfpub library from @trailofbits! You can find it here: https://t.co/XxJIIBvjYS https://t.co/bYGdSmvm4b

0

21

7

3

0

Smjert retweeted

over 6 years ago

Syscall fault injection is a really cool testing technique, but doing it reliably is hard. BPF has got your back, thanks to the bpf_override_return() helper! Here's a small tool I developed to play with it: https://t.co/KL7LFlujM3

0

36

8

7

0

Smjert retweeted

over 6 years ago

BPF provides powerful system tracing capability on Linux but it is difficult to integrate into your applications. Today I'm releasing a BPF library, ebpf-common, and a tracing library based on LLVM: https://t.co/XxJIIBvjYS

0

44

13

6

0

Smjert retweeted

seph (Also @[email protected]) @twseph

over 6 years ago

TSC Frequency For All: Better Profiling and Benchmarking https://t.co/1vbjbJS79m

0

3

2

0

Smjert retweeted

almost 7 years ago

Slides from my talk about how we do cross platform packaging here at @Kolideco ! #querycon https://t.co/ndQotAi8Kp

0

6

7

1

0

Smjert retweeted

Victor (groob) @wikiwalk

almost 7 years ago

Tired, but excited about all the awesome interactions @QueryConf this year. Thanks to @trailofbits, @Kolideco and @CarbonBlack_Inc, well done. Biggest takeaway this year is that the @osquery community deeply cares about the privacy of users.

1

17

4

0

Smjert retweeted

Objective-See Foundation @objective_see

about 7 years ago

@trailofbits generously supports the infosec community in many ways (https://t.co/mAIne2rUgp, hosting @QueryConf, etc) 🙌 We're stoked they've joined our "Friends of Objective-See" program & as an OBTS conference sponsor 🥳 Mahalo for your community commitment & involvement !😍

0

10

4

0

Smjert retweeted

about 7 years ago

We are happy to announce the first two talks for @QueryConf, with many more on the way. First up, Stefano Bonicatti of @trailofbits will share our work and vision for osql, our fork of osquery https://t.co/gAFupC5nDr

1

5

0

Smjert retweeted

about 7 years ago

Second, our own @alessandrogario will review the past and present state of Linux event monitoring with osquery, including a demonstration of our new eBPF backend.

1

2

0

Smjert retweeted

about 7 years ago

Watch this space for more talks being announced on Monday, and register now to reserve your spot to attend @QueryConf: https://t.co/owUi4I7qtb

0

2

0

Smjert retweeted