good to know. I asked because last year I wrote an HIDS for my company using eBPF extremely. But I don't have time anymore to maintain it.

That would be freakin awesome.

It is in Go and it has some performance issues, this is the main reason of the idea to integrate it in osquery.