Netspector-eBPF is a full-stack network observability solution built entirely on eBPF and Python. It is designed for developers, SREs, and security teams who need deep visibility into the kernel's network stack without the performance overhead of traditional tools. What it does: The tool uses eBPF programs to safely extract real-time data on key networking layers: TCP (connection attempts/drops), DNS (query resolution), and HTTP (basic request/response tracing). This data is pushed from the kernel to a user-space Python collector, analyzed, and displayed on a simple, self-hosted web dashboard for visualization. How it uses eBPF: We leveraged eBPF's ability to run custom, safe programs within the kernel. The C programs (ebpf/.c) use kernel tracing mechanisms (like kprobes and tracepoints) to attach to key network functions, collect the required metadata, and pass it efficiently via BPF maps to the Python user-space backend (user/.py) for processing and dashboarding.
Built With
- c
- dashboard
- ebpf
- flask/django)
- for
- html/css
- javascript
- python
- web-framework-(e.g.
Log in or sign up for Devpost to join the conversation.