Onils / psauditLinks
通过Linux netlink NETLINK_CONNECTOR 协议实时进行监控本机进程情况。
☆13Updated 5 years ago
Alternatives and similar repositories for psaudit
Users that are interested in psaudit are comparing it to the libraries listed below
Sorting:
- 一个基于openresty开发的安全网关demo☆30Updated 3 years ago
- GO开发而成,用于NIDS HIDS 分析的规则引擎,使用WorkerPool 高性能检测,支持多字段 "和" "或" 检测, 支持频率检测☆77Updated 3 months ago
- Automatic reversed shell detecting and defensing☆51Updated 6 years ago
- tcppc: A simple honeypot to capture TCP/TLS/UDP payloads on ALL ports.☆35Updated 4 years ago
- 使用 cgroups + etcd + kafka + netlink-connector 开发而成的hids的架构,agent 部分使用go 开发而成, 会把采集的数据写入到kafka里面,由后端的规则引擎(go开发而成)消费,配置部分以及agent存活使用etcd。☆19Updated 3 years ago
- 一个HIDS agent端的demo☆17Updated 5 years ago
- 欺骗 防御Linux版本Agent☆13Updated 3 years ago
- ☆22Updated 5 years ago
- 🌶 一些和容器化/容器编排/服务网格等技术相关的安全代码片段[自用备份]☆82Updated 3 years ago
- MSF RPC API调用文档及demo☆52Updated 11 months ago
- Agent Framework,跨平台、cpu/内存限制、负载监控、自杀机制、配置变更、统一日志、数据通信等等,统统交给AF,专心写你的业务逻辑吧.☆2Updated 4 years ago
- ThreatHound is a threat intelligence query tool use for detecting potentially malicious IP or domains. It combines the MISP open source t…☆39Updated 5 years ago
- Linux命令转发记录☆64Updated 5 years ago
- A simple web platform for WatchAD☆110Updated 2 years ago
- 总结了免杀webshell的方法论☆48Updated 4 years ago
- Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the comm…☆95Updated 2 years ago
- 基于JVM-Sandbox实现RASP安全监控防护☆52Updated last year
- Copy: Linux process monitoring (exec, fork, exit, set*uid, set*gid)☆31Updated 3 years ago
- A golang client of our webshell scanner API☆28Updated 7 years ago
- ☆30Updated 2 years ago
- Go Agent is a go application probe of DongTai IAST, which collects method invocation data during runtime of Go application by dynamic hoo…☆42Updated 4 months ago
- ☆56Updated 4 years ago
- docker 安全基线规范☆90Updated 6 years ago
- 恶意脚本检测分类工具☆40Updated 4 years ago
- 恶意软件原理图☆58Updated 4 years ago
- 天御攻防实验室 - 威胁猎杀实战系列☆102Updated 5 years ago
- 基于docker虚拟化的恶意代码沙箱☆71Updated 6 years ago
- ATT&CK技战术数据☆16Updated 4 years ago
- 这 个脚本主要提供对pypi供应链的源头进行安全扫描研究,扫描并发现未知的恶意包情况。☆29Updated 2 years ago
- suricata IDS的规则,测试在用的,部分自写的规则视情况放出。☆18Updated 6 years ago