This directory contains comprehensive documentation for the eCapture project.

• compilation.md - Build and compilation guide (English)
• compilation-zh_Hans.md - 编译指南 (汉字)

• refactoring-guide.md - Probe refactoring patterns and best practices
• probe-refactoring-playbook.md - Detailed refactoring tutorial with step-by-step instructions
• migration-v2.md - Migration guide from v1 to v2 architecture
• gotls-refactoring-summary.md - GoTLS probe refactoring case study

• e2e-tests.md - End-to-end testing guide

• defense-detection.md - Detection and defense against unauthorized eBPF tool usage
• minimum-privileges.md - Required Linux capabilities and least-privilege configuration
• performance-benchmarks.md - Performance overhead measurement methodology
• release-verification.md - How to verify release artifact integrity

• event-forward-api.md - Event forwarding API documentation (English)
• event-forward-api-zh_Hans.md - 事件转发API文档 (汉字)
• remote-config-update-api.md - Remote configuration update API (English)
• remote-config-update-api-zh_Hans.md - 远程配置更新API (汉字)

• event-forward.md - Event forwarding applications and GUI clients

• example-outputs.md - Detailed output examples for all eCapture modes and modules

The project root contains standard GitHub community health files:

• README.md - Project overview and quick start
• CONTRIBUTING.md - Contribution guidelines
• CODE_OF_CONDUCT.md - Community code of conduct
• SECURITY.md - Security policy
• CHANGELOG.md - Release history

Technical documentation, guides, and API references are organized here.

Contains architecture documentation for internal packages (see internal/README.md).

All documentation files in this directory follow the lowercase-with-hyphens (kebab-case) naming convention for consistency and web compatibility.

Examples:

• ✅ refactoring-guide.md
• ✅ e2e-tests.md
• ✅ event-forward-api.md

When adding new documentation:

1. Place it in the appropriate directory (/docs for technical docs, / for community files)
2. Use lowercase with hyphens for file names
3. Update this README to include your new document
4. Ensure proper cross-references to related documents

Chinese versions of documents are indicated with a -zh_Hans suffix:

• compilation.md (English) / compilation-zh_Hans.md (汉字)
• event-forward-api.md (English) / event-forward-api-zh_Hans.md (汉字)