Alternatives and similar repositories for huakiwi

Users that are interested in huakiwi are comparing it to the libraries listed below

• mole-ids / mole
  Yara powered NIDS with high speed packet capture powered by PF_RING
  ☆69Updated last year
• pathtofile / commandline_cloaking
  A collection of projects demonstrating various commandline cloaking techniques on Linux
  ☆59Updated 3 years ago
• RITRedteam / vishnu
  Golang Port Knocking for Linux + Windows
  ☆18Updated 3 years ago
• botherder / go-autoruns
  Collect autorun records from running system
  ☆60Updated 3 years ago
• codeyourweb / irma
  enpoint detection / live analysis & sandbox host / signatures quality test
  ☆44Updated 4 years ago
• redcanaryco / ebpfmon
  ☆89Updated last year
• avast / yari
  YARI is an interactive debugger for YARA Language.
  ☆89Updated last month
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆110Updated 4 months ago
• markuskont / pikksilm
  Look into EDR events from network
  ☆24Updated 5 months ago
• hashlookup / hashlookup-gui
  Provides a multi-platform Graphical User Interface for hashlookup
  ☆12Updated last year
• FoxIO-LLC / ja4tscan
  JA4TScan is an active TCP server fingerprinting tool.
  ☆91Updated last year
• 0xThiebaut / Signatures
  🚧 Currently transfering TLP:CLEAR rules from TLP:AMBER repository...
  ☆21Updated last year
• WhiteBeamSec / WhiteBeam
  WhiteBeam: Transparent endpoint security
  ☆100Updated 2 years ago
• Gui774ume / ebpfkit-monitor
  ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
  ☆137Updated 2 years ago
• sandflysecurity / sandfly-entropyscan
  Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives …
  ☆164Updated last year
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆32Updated last month
• projectdiscovery / tinydns
  Tiny embeddable dns server
  ☆52Updated last week
• Velocidex / go-pe
  A Portable Executable parser for Golang
  ☆47Updated 9 months ago
• sandflysecurity / sandfly-processdecloak
  Sandfly Linux Stealth Rootkit Decloaking Utility
  ☆104Updated 2 years ago
• projectdiscovery / hmap
  Hybrid memory/disk map
  ☆59Updated last week
• runZeroInc / recog-go
  Recog-Go: Pattern Recognition using Rapid7 Recog
  ☆118Updated 2 years ago
• StamusNetworks / gophercap
  Accurate, modular, scalable PCAP manipulation tool written in Go.
  ☆94Updated last year
• sandflysecurity / sandfly-file-decloak
  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
  ☆26Updated 2 weeks ago
• 0xrawsec / golang-etw
  ☆41Updated 3 years ago
• hdm / jarm-go
  A Go implementation of JARM
  ☆119Updated 3 years ago
• hulto / rusty-keys
  Linux rust keylogger
  ☆17Updated last year
• Loginsoft-LLC / Linux-Exploit-Detection
  Linux based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma
  ☆21Updated last year
• Acceis / eBPF-hide-PID
  This tool have the power to hide any PID/directory in the Linux kernel
  ☆29Updated last year
• ail-project / ail-yara-rules
  A set of YARA rules for the AIL framework to detect leak or information disclosure
  ☆38Updated 8 months ago
• 0xN3utr0n / Kanis
  Advanced threat detection solution for Linux.
  ☆35Updated 4 years ago