Please see build instructions here.
SysinternalsEBPF attempts to automatically discover the offsets of some members of some kernel structs. If this fails, please provide details of the kernel version (and config if possible) plus the error message to the GitHub issues page.
You can then generate a configuration file to override the autodiscovery by building the getOffsets module in the /opt/sysinternals/getOffsets directory. See the README.md in that directory for more information.
If you define EBPF_CO_RE in your own eBPF programs that use SysinternalsEBPF, the library will use the CORE libbpf APIs.
A man page for SysinternalsEBPF can be found in the package directory, and is installed by both deb and rpm packages.
Use 'find' on the package directory to locate it manually.
SysinternalsEBPF is licensed under LGPL2.1. SysinternalsEBPF includes libbpf, which is licensed under LGPL2.1. Libbpf can be located at https://github.com/libbpf/libbpf The SysinternalsEBPF library of eBPF code is licensed under GPL2.