Qtap

Qtap is an eBPF agent that captures traffic flowing through the Linux kernel. By attaching to TLS/SSL functions, data is intercepted before and after encryption and then passed to flexible plugins with full visibility along with all of the available context - process/container/host/user/protocol/etc. Qtap makes it possible to understand what's happening with your egress traffic, without modifying apps, installing proxies, or managing certs.

Qtap shows you exactly what data is being sent and received in its original, unencrypted form while operating out-of-band with minimal overhead, without adding latency or disrupting application performance.

Note: For cloud-managed deployments, see .

Try Qtap in 60 Seconds

Want to give Qtap a test run? Spin up a temporary instance in Demo mode! See traffic in real time right in your terminal.

# Run Qtap in demo mode
curl -s https://get.qpoint.io/demo | sudo sh

Or install and start running right away:

# Install the Qtap agent
curl -s https://get.qpoint.io/install | sudo sh

# Run with defaults!
sudo qtap

Key Features

• Zero Configuration: Works out of the box with sensible defaults

• Process Attribution: See exactly which apps are making connections

• Pre-Encryption Visibility: See data before TLS encryption

• Minimal Overhead: Lightweight eBPF implementation

• Flexible Storage: Send data to stdout, S3, or more

Start simple, scale as needed. Qtap provides immediate insights with no configuration required.