File Monitor for Android

A simple cli tool to monitor the file opening of application processes.

Requirement

ebpf enabled kernel

# zcat /proc/config.gz | grep CONFIG_BPF=y
CONFIG_BPF=y

kprobe enabled kernel

# zcat /proc/config.gz | grep CONFIG_KPROBES=y
CONFIG_KPROBES=y

arm64/x86_64 architecture
```
$ uname -m
aarch64 or x86_64
```
root required

Usage

# ./file-monitor

As Library

m, err := monitor.NewMonitor()
if err != nil {
	println(err.Error())
	return
}
defer m.Close()

m.Launch()

for {
	event, ok := <-m.Events(): 
	
	// handle events
}

Build

Install make, clang, Android NDK
ANDROID_NDK=/path/to/android-ndk make all

Notice

3rd party licenses

bpf_core_read.h LGPL-2.1 OR BSD-2-Clause

Name		Name	Last commit message	Last commit date
Latest commit History 27 Commits
bpf		bpf
monitor		monitor
.gitignore		.gitignore
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
go.mod		go.mod
go.sum		go.sum
main.go		main.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

bpf

bpf

monitor

monitor

.gitignore

.gitignore

LICENSE

LICENSE

Makefile

Makefile

README.md

README.md

go.mod

go.mod

go.sum

go.sum

main.go

main.go

Repository files navigation

File Monitor for Android

Requirement

Usage

As Library

Build

Notice

3rd party licenses

About

Releases 2

Packages

Languages

License

Kr328/file-monitor

Folders and files

Latest commit

History

Repository files navigation

File Monitor for Android

Requirement

Usage

As Library

Build

Notice

3rd party licenses

About

Topics

Resources

License

Stars

Watchers

Forks

Languages