chriskaliX / Hades
Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)
☆280Updated last week
Related projects ⓘ
Alternatives and complementary repositories for Hades
- A Linux Host-based Intrusion Detection System based on eBPF.☆409Updated 10 months ago
- vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that…☆289Updated this week
- Linux EDR written in Golang and based on eBPF.☆229Updated 2 years ago
- Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the comm…☆90Updated last year
- Inject ELF into remote process☆119Updated last year
- a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数,避开基于execve系统调用监控的命令日志☆240Updated 5 years ago
- A golang ebpf libary based on cilium/ebpf and datadog/ebpf.☆312Updated 2 months ago
- vArmor-ebpf is a specialized project dedicated to maintaining the BPF code utilized by vArmor.☆25Updated this week
- GO开发而成,用于NIDS HIDS 分析的规则引擎,使用WorkerPool 高性能检测,支持多字段 "和" "或" 检测, 支持频率检测☆76Updated 3 years ago
- k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.☆274Updated 3 years ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆123Updated last year
- 使用 cgroups + etcd + kafka + netlink-connector 开发而成的hids的架构,agent 部分使用go 开发而成, 会把采集的数据写入到kafka里面,由后端的规则引擎(go开发而成)消费,配置部分以及agent存活使用etcd。☆18Updated 3 years ago
- By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.☆589Updated 3 years ago
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆547Updated 4 months ago
- Copy: Linux process monitoring (exec, fork, exit, set*uid, set*gid)☆31Updated 2 years ago
- An awesome reverse engine for xray poc. | 一个自动化根据 xray poc 生成对应靶站的工具☆406Updated last year
- ☆147Updated last year
- A penetration toolkit for container environment☆76Updated 2 months ago
- ebpfkit is a rootkit powered by eBPF☆759Updated last year
- Web application build Golang with Vulnerability☆248Updated last year
- 通过Linux netlink NETLINK_CONNECTOR 协议实时进行监控本机进程情况。☆13Updated 5 years ago
- The demo of hidden process and ko module☆13Updated last year
- 《云原生安全:攻防实践与体系构建》资料仓库☆726Updated last year
- Hades is an cross-platform HIDS with kernel-space data collection.☆44Updated last year
- dns tunnel backdoor DNS隧道后门☆196Updated 5 years ago
- HIDS全称是Host-based Intrusion Detection System,即基于主机型入侵检测系统,HIDS运行依赖这样一个原理:一个成功的入侵者一般而言都会留下他们入侵的痕迹。本人更倾向于通过记录主机的重要信息变更来发现入侵者。 本项目由两部分组成:一部分…☆101Updated 6 years ago
- IAST 灰盒扫描工具☆444Updated 2 years ago
- SysTracer: Linux 系统活动跟踪器☆27Updated last year
- Suricata安装部署&丢包优化&性能调优&规则调整&Pfring设置☆138Updated 5 years ago
- 工控安全概览☆82Updated 2 years ago