HoneProject / Linux-SensorLinks
Correlate packets to the responsible processes in Linux systems. Diagnose connections by adding process information.
☆102Updated 10 years ago
Alternatives and similar repositories for Linux-Sensor
Users that are interested in Linux-Sensor are comparing it to the libraries listed below
Sorting:
- DNS packet generator☆46Updated last month
- BONOMEN - Hunt for Malware Critical Process Impersonation☆49Updated 4 years ago
- Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.☆95Updated 3 years ago
- Live SSH/SSL/TLS decryption - extraction of secret keys from live process memory☆109Updated 9 years ago
- BGP Route Leaks Detection☆71Updated 6 years ago
- An Interactive Pcap Editor (based on Scapy)☆23Updated 5 years ago
- A simple, but damn fast sinkhole☆65Updated 10 months ago
- A python implementation of a grep friendly ftrace wrapper☆80Updated 6 years ago
- BASS - BASS Automated Signature Synthesizer☆178Updated 7 years ago
- The Official Github Repository of Daemonlogger☆22Updated 4 years ago
- Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…☆23Updated 9 years ago
- Passive DHCP fingerprinting implementation☆50Updated 9 years ago
- tracy - a system call tracer and injector. Find us in #tracy on irc.freenode.net☆33Updated last year
- ☆13Updated 9 years ago
- Implementation of the SMM rootkit "The Watcher"☆128Updated 3 years ago
- simple plugin to detect shellcode on Bro IDS with Unicorn☆33Updated 8 years ago
- Linux-KVM with rVMI extensions☆22Updated 8 years ago
- Linux Runtime Process Injection Tool☆61Updated 12 years ago
- The Alternative Fileless File System☆57Updated 6 years ago
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 5 years ago
- A python library to extract TCP sessions from PCAPs.☆23Updated 4 years ago
- GSAudit at Symantec, ExeAudit at RIM, RECX Binary Assurance for Windows at Recx etc. - core library now WinBinaryAudit☆24Updated 10 years ago
- ☆43Updated 7 years ago
- Membrane: A Posteriori Detection of Malicious Code Loading by Memory Paging Analysis☆41Updated 9 years ago
- pure Python binary analysis framework☆22Updated 6 years ago
- Scripts to detect Fast-Flux and DGA using DNS query responses☆44Updated 8 years ago
- Historical Tracking of MAC Address Assignments☆36Updated this week
- ssltrace hooks an application's SSL libraries to record keying data of all SSL connections☆95Updated 10 years ago
- iknowthis Linux SystemCall Fuzzer☆20Updated 6 years ago
- DHCP Fingerprinting☆29Updated 4 years ago