docs: readme update

README-zh_CN.md

@@ -32,18 +32,18 @@ Hades 是一个基于 eBPF 的主机入侵检测系统，同时兼容低版本
 
 ## 插件列表
 
-- [Driver-eBPF](https://github.com/chriskaliX/Hades/tree/main/plugins/edriver)
+- [EDriver](https://github.com/chriskaliX/Hades/tree/main/plugins/edriver)
 - [Collector](https://github.com/chriskaliX/Hades/tree/main/plugins/collector)
-- HoneyPot
-- Monitor
+- [Eguard](https://github.com/chriskaliX/Hades/tree/main/plugins/eguard)
+- [NCP](https://github.com/chriskaliX/Hades/tree/main/plugins/ncp)
 - Scanner
 - Logger
 
 ## 采集能力
 
 ---
 
-### eBPF Driver
+### EDriver
 
 > 支持 `21` 种 Hook，涵盖大部分安全审计检测需求，采集字段基本和 Elkeid 相同
 

README.md

@@ -34,18 +34,18 @@ Declaration: This project is based on [Tracee](https://github.com/aquasecurity/t
 
 ## Plugins
 
-- [eBPF Driver](https://github.com/chriskaliX/Hades/tree/main/plugins/edriver)
+- [EDriver](https://github.com/chriskaliX/Hades/tree/main/plugins/edriver)
 - [Collector](https://github.com/chriskaliX/Hades/tree/main/plugins/collector)
-- HoneyPot (gopacket-based)
-- Monitor
+- [Eguard](https://github.com/chriskaliX/Hades/tree/main/plugins/eguard)
+- [NCP](https://github.com/chriskaliX/Hades/tree/main/plugins/ncp)
 - Scanner
 - Logger
 
 ## Capability
 
 ------
 
-### eBPF Driver
+### EDriver
 
 > Here are 21 hooks over `tracepoints`/`kprobes`/`uprobes`. The fields are extended just like Elkeid(basically).
 

plugins/eguard/README.md

@@ -5,6 +5,10 @@
 
 > eguard is meant for the formal version of edr. This is based on libbpf-rs and will add BTFhub into this project.
 
+## Features
+
+- [x] Ingress/Egress ACL
+
 ## Quick start
 
 > prerequisite: BTF supported kernel version (will move on to the BTFHub in the feature)