diff --git a/daemon/procmon/ebpf/ebpf.go b/daemon/procmon/ebpf/ebpf.go
index 7a5fa4de30..b51364b26e 100644
--- a/daemon/procmon/ebpf/ebpf.go
+++ b/daemon/procmon/ebpf/ebpf.go
@@ -56,6 +56,14 @@ var (
 	// list of local addresses of this machine
 	localAddresses []net.IP
 
+	// ex.: /usr/lib/opensnitchd/ebpf/
+	modulesDir = "/opensnitchd/ebpf"
+	paths      = []string{
+		fmt.Sprint("/usr/local/lib", modulesDir),
+		fmt.Sprint("/usr/lib", modulesDir),
+		fmt.Sprint("/etc/opensnitchd"), // deprecated
+	}
+	modulesPath   = ""
 	hostByteOrder binary.ByteOrder
 )
 
@@ -66,14 +74,13 @@ func Start() error {
 		log.Error("ebpf.Start -> mount debugfs error. Report on github please: %s", err)
 		return err
 	}
-
-	m = elf.NewModule("/etc/opensnitchd/opensnitch.o")
-	m.EnableOptionCompatProbe()
-
-	if err := m.Load(nil); err != nil {
-		log.Error("eBPF Failed to load /etc/opensnitchd/opensnitch.o: %v", err)
-		return err
+	if m = loadModule("opensnitch.o"); m == nil {
+		msg := fmt.Errorf("eBPF Failed to load %s/%s", modulesPath, "opensnitch.o")
+		log.Error("%s", msg)
+		dispatchErrorEvent(msg.Error())
+		return msg
 	}
+	m.EnableOptionCompatProbe()
 
 	// if previous shutdown was unclean, then we must remove the dangling kprobe
 	// and install it again (close the module and load it again)
@@ -138,6 +145,21 @@ func saveEstablishedConnections(commDomain uint8) error {
 	return nil
 }
 
+func loadModule(module string) *elf.Module {
+	for _, p := range paths {
+		modulesPath = p
+		m = elf.NewModule(fmt.Sprint(modulesPath, "/", module))
+
+		if err := m.Load(nil); err == nil {
+			log.Info("[eBPF] module loaded: %s/%s", modulesPath, module)
+			break
+		}
+		m = nil
+	}
+
+	return m
+}
+
 func setRunning(status bool) {
 	lock.Lock()
 	defer lock.Unlock()
diff --git a/daemon/procmon/ebpf/events.go b/daemon/procmon/ebpf/events.go
index 132ca6a744..c07801b2c7 100644
--- a/daemon/procmon/ebpf/events.go
+++ b/daemon/procmon/ebpf/events.go
@@ -74,11 +74,15 @@ var (
 func initEventsStreamer() {
 	elfOpts := make(map[string]elf.SectionParams)
 	elfOpts["maps/"+perfMapName] = elf.SectionParams{PerfRingBufferPageCount: ringBuffSize}
-	mp := elf.NewModule("/etc/opensnitchd/opensnitch-procs.o")
+	mp := loadModule("opensnitch-procs.o")
+	if mp == nil {
+		dispatchErrorEvent(fmt.Sprintf("[eBPF events] Failed loading %s/opensnitch-procs.o", modulesPath))
+		return
+	}
 	mp.EnableOptionCompatProbe()
 
 	if err := mp.Load(elfOpts); err != nil {
-		dispatchErrorEvent(fmt.Sprintf("[eBPF events] Failed loading /etc/opensnitchd/opensnitch-procs.o: %v", err))
+		dispatchErrorEvent(fmt.Sprintf("[eBPF events] Failed loading %s/opensnitch-procs.o: %v", modulesPath, err))
 		return
 	}