Falco rule repository
☆168May 8, 2026Updated last week
Alternatives and similar repositories for rules
Users that are interested in rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- libsinsp, libscap, the kernel module driver, and the eBPF driver sources☆305May 13, 2026Updated last week
- Falco plugins registry☆115Updated this week
- Administrative tooling for Falco☆128Updated this week
- A crawler for kernel releases distributed by the major Linux distributions.☆13Oct 18, 2024Updated last year
- Falco plugins SDK for Rust☆12May 7, 2026Updated 2 weeks ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆89Jan 28, 2024Updated 2 years ago
- Generate a variety of suspect actions that are detected by Falco rulesets☆120Updated this week
- Response Engine for managing threats in your Kubernetes☆200Apr 28, 2026Updated 3 weeks ago
- Cloud Native Runtime Security☆8,958Updated this week
- A tool to crawl Linux kernel versions☆25Apr 13, 2026Updated last month
- Connect Falco to your ecosystem☆664May 11, 2026Updated last week
- Fetches the metadata from kubernetes API server and dispatches them to Falco instances☆22May 13, 2026Updated last week
- Demo repository for running eBPF in GitHub Actions☆23Mar 27, 2025Updated last year
- A simple WebUI with latest events from Falco☆138May 11, 2026Updated last week
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Kit for building Falco drivers: kernel modules or eBPF probes☆70May 7, 2026Updated 2 weeks ago
- Falco workflow & testing infrastructure☆33Updated this week
- suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.☆16Oct 31, 2021Updated 4 years ago
- A Python package and command line utility for scanning emails with YARA rules☆23Apr 5, 2026Updated last month
- The high-level/low-level implementation of Linux Fanotify.☆25Nov 11, 2025Updated 6 months ago
- Kubernetes focused container assessment and context discovery tool for penetration testing☆480Nov 7, 2025Updated 6 months ago
- Nginx Multi Cluster Ingress Controller (based on kubernetes/ingress-nginx@v1.1.1)☆20Feb 28, 2024Updated 2 years ago
- Detect intrusions that happened in your Kubernetes cluster through audit logs using Falco☆63Jun 2, 2021Updated 4 years ago
- the ps utility, with an eBPF twist and container context☆295Jan 16, 2026Updated 4 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Detecting Cobalt Strike Team Servers on targets through traffic telemetry.☆22Aug 13, 2024Updated last year
- ☆10Apr 19, 2026Updated last month
- eBPF-based Security Observability and Runtime Enforcement☆4,676Updated this week
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆219May 3, 2026Updated 2 weeks ago
- Use Clair as a plug-in vulnerability scanner in the Harbor registry☆36Dec 5, 2025Updated 5 months ago
- Terraform Azure Verified Resource Module for Cognitive Service☆13Mar 18, 2026Updated 2 months ago
- Simplified go-cat agent for caldera☆11Dec 18, 2023Updated 2 years ago
- Evolution process of The Falco Project☆62Updated this week
- A Kubernetes Operator for Lakekeeper (WIP)☆17Apr 30, 2026Updated 3 weeks ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- CVE-2022-0185 POC and Docker and Analysis write up☆37May 24, 2022Updated 3 years ago
- A tool for in-depth analysis of container checkpoints☆146Apr 22, 2026Updated 3 weeks ago
- exploit-db备份☆15Jan 5, 2022Updated 4 years ago
- Yara rules for detecting malware☆23Sep 9, 2025Updated 8 months ago
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…☆231May 26, 2025Updated 11 months ago
- Fluent input plugin for MySQL slow query log file.☆22Dec 22, 2018Updated 7 years ago
- A C and Go /proc/pid/maps cloak of invisibilty for shared object files☆22Nov 19, 2025Updated 6 months ago