evilsocket / ebpf-process-anomaly-detection
Process behaviour anomaly detection using eBPF and unsupervised-learning Autoencoders
☆127Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for ebpf-process-anomaly-detection
- ☆84Updated 4 months ago
- A Rust library for managing eBPF programs.☆116Updated 8 months ago
- eBPF Port Knocking Tool☆231Updated last year
- monitor and protect SSH sessions with eBPF☆65Updated 3 years ago
- An eBPF playground☆195Updated 11 months ago
- Linux Kernel Runtime Integrity with eBPF☆164Updated 11 months ago
- Red Canary's eBPF Sensor☆101Updated 4 months ago
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆113Updated last year
- bpflock - eBPF driven security for locking and auditing Linux machines☆136Updated 2 years ago
- NIST-based CVE lookup store and API powered by Rust.☆126Updated 3 weeks ago
- egrets monitors egress☆45Updated 4 years ago
- Use eBPF to inject chaos into local processes☆61Updated 2 months ago
- A process level network security monitoring and enforcement project for Kubernetes, using eBPF☆40Updated 4 years ago
- eBPF - extended Berkeley Packet Filter tooling☆122Updated 2 years ago
- Example program using eBPF to log data being based in using shell pipes☆40Updated 3 years ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆123Updated last year
- Example BPF program with LSM hooks☆31Updated 3 years ago
- An eBPF detection program for CVE-2022-0847☆27Updated 2 years ago
- An eBPF program debugger☆197Updated 2 years ago
- eBPF based syscalls, files and network events tracing framework☆89Updated 4 years ago
- 🐝 BPFBox 📦 Exploring process confinement in eBPF☆101Updated 10 months ago
- A file system events notifier based on eBPF☆57Updated last year
- io_uring based network scanner written in Rust☆43Updated last year
- Making containers more secure with eBPF and Linux Security Modules (LSM)☆219Updated 5 months ago
- Source-code based coverage for eBPF programs actually running in the Linux kernel☆128Updated 2 years ago
- Linux Process Discovery. C Library, Go bindings, Runtime.☆218Updated 2 years ago
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF☆150Updated 2 months ago
- Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG App…☆49Updated this week
- insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.☆49Updated 2 years ago
- Snuffy is a simple command line tool to inspect SSL/TLS data.☆290Updated 4 years ago