bytedance / Elkeid-HUB
Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the community edition) data processing. The original intention is to solve complex data/event processing and external system linkage requirements through standardized rules.
☆90Updated last year
Related projects ⓘ
Alternatives and complementary repositories for Elkeid-HUB
- GO开发而成,用于NIDS HIDS 分析的规则引擎,使用WorkerPool 高性能检测,支持多字段 "和" "或" 检测, 支持频率检测☆76Updated 3 years ago
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)☆282Updated 3 weeks ago
- Go Agent is a go application probe of DongTai IAST, which collects method invocation data during runtime of Go application by dynamic hoo…☆40Updated last year
- 使用 cgroups + etcd + kafka + netlink-connector 开发而成的hids的架构,agent 部分使用go 开发而成, 会把采集的数据写入到kafka里面,由后端的规则引擎(go开发而成)消费,配置部分以及agent存活使用etcd。☆18Updated 3 years ago
- 通过Linux netlink NETLINK_CONNECTOR 协议实时进行监控本机进程情况。☆13Updated 5 years ago
- Google V8 with OpenRASP builtins☆56Updated 3 years ago
- 一个由长亭自研,直观而可扩展的容器安全 SDK☆118Updated last year
- ☆81Updated 3 years ago
- 安全编排与自动化响应平台☆61Updated 3 years ago
- Suricata安装部署&丢包优化&性能调优&规则调整&Pfring设置☆139Updated 5 years ago
- Inject ELF into remote process☆119Updated last year
- vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that…☆296Updated last week
- A simple web platform for WatchAD☆110Updated last year
- A Linux Host-based Intrusion Detection System based on eBPF.☆409Updated 11 months ago
- ☆30Updated last year
- WatchAD2.0是一款针对域威胁的日志分析与监控系统☆382Updated 10 months ago
- IDS协议识别测试流量☆21Updated 5 years ago
- Linux命令转发记录☆63Updated 5 years ago
- IAST 灰盒扫描工具☆443Updated 2 years ago
- An awesome reverse engine for xray poc. | 一个自动化根据 xray poc 生成对应靶站的工具☆406Updated last year
- K8S安全攻防思维导图 | Docker安全攻防思维导图☆413Updated 2 years ago
- ☆143Updated 2 years ago
- 用cel-go重现了长亭xray的poc检测功能的轮子☆294Updated 2 years ago
- dump Transfer Layer Security data without certificate☆71Updated last month
- HIDS全称是Host-based Intrusion Detection System,即基于主机型入侵检测系统,HIDS运行依赖这样一个原理:一个成功的入侵者一般而言都会留下他们入侵的痕迹。本人更倾向于通过记录主机的重要信息变更来发现入侵者。 本项目由两部分组成:一部分…☆101Updated 6 years ago
- gonmap是一个go语言的nmap端口扫描库,使用纯go实现nmap的扫描逻辑,而非调用nmap来进行扫描。☆313Updated 2 years ago
- ☆97Updated last year
- 一个基于openresty开发的安全网关demo☆30Updated 2 years ago
- 一个免费的镜像漏洞扫描工具, 可以扫描镜像中已安装软件包的漏洞,支持中文漏洞库,可与 Harbor 无缝集成。☆105Updated 2 years ago