eBPF - The Future Of Isolated/Malware Analysis

Checkout Teleport Here: https://cybercademy.org/go-teleport 🔗 Resources Mentioned: How Linux Works by Brian Ward - https://amzn.to/3VZLt7X Enhanced Session Recording with BPF - https://goteleport.com/docs/server-access/guides/bpf-session-recording/ BCC GitHub (tcpconnect.py): https://github.com/iovisor/bcc/blob/master/tools/tcpconnect.py The "Passwordless" Homelab - Crash Course (manage all your infrastructure) - https://www.youtube.com/watch?v=i-jtihLGTYI&t=21s 📚 eBPF Reading: https://ebpf.io/what-is-ebpf/#introduction-to-ebpf https://redcanary.com/blog/ebpf-for-security/ What is eBPF and How Does it Work? - https://goteleport.com/blog/what-is-ebpf/ eBPF in Security - https://github.com/zoidbergwill/awesome-ebpf#ebpf-in-security © All Icons From Flaticon. All credit goes to its authors. ⏰ Timestamps: 0:00 - Introduction 1:27 - Linux Architecture 3:01 - eBPF Overview 5:08 - Security Implications of eBPF 6:10 - Example Attacker Technique 9:24 - BCC & eBPF 10:30 - Conclusion 🐕 Follow Me: Twitter: https://twitter.com/collinsinfosec Instagram: https://www.instagram.com/collinsinfosec Cybercademy Discord Server: https://discord.gg/bWymWhCv9p 🤔 Have questions, concerns, comments? - Email me: grant@cybercademy.org 🎧 Gear: Laptop (Lenovo X1 Carbon Ultrabook 6th Gen): https://amzn.to/2O0UfAM​​​​​ Monitors (Dell D Series 31.5” D3218HN): https://amzn.to/2EXlgRF​​​​​ Keyboard (Velocifire VM01): https://amzn.to/2TEswfd​​​​​ Headphones (Audio Technica ATH-M40x): https://amzn.to/2F4Tvq6​​​​​ Work Monitors (Dell U4919DW UltraSharp 49 Curved Monitor): https://amzn.to/3yQmDhM Desk (FLEXISPOT EW8 Comhar Electric Standing Desk): https://amzn.to/3S9OxvG