ggrandes-clones / pmonLinks
Copy: Linux process monitoring (exec, fork, exit, set*uid, set*gid)
☆31Updated 3 years ago
Alternatives and similar repositories for pmon
Users that are interested in pmon are comparing it to the libraries listed below
Sorting:
- 通过Linux netlink NETLINK_CONNECTOR 协议实时进行监控本机进程情况。☆13Updated 5 years ago
- Automatic reversed shell detecting and defensing☆51Updated 6 years ago
- 一个HIDS agent端的demo☆17Updated 5 years ago
- a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数,避开基于execve系统调用监控的命令日志☆242Updated 6 years ago
- 这是一个基于 Cuckoo 开源版本的沙箱的修订版本, 该版本完全为了适配国内软件环境所打造☆76Updated 2 years ago
- HIDS全称是Host-based Intrusion Detection System,即基于主机型入侵检测系统,HIDS运行依赖这样一个原理:一个成功的入侵者一般而言都会留下他们入侵的痕迹。本人更倾向于通过记录主机的重要信息变更来发现入侵者。 本项目由两部分组成:一部分…☆107Updated 7 years ago
- 微盾®VirtualWall®防火墙整套源代码☆192Updated 4 years ago
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)☆296Updated 8 months ago
- OVAL Interpreter☆13Updated 4 years ago
- linux下实现进程隐藏☆51Updated 8 years ago
- suricata源码分析和读书笔记☆24Updated 7 years ago
- Suricata安装部署&丢包优化&性能调优&规则调整&Pfring设置☆141Updated 5 years ago
- 使用 cgroups + etcd + kafka + netlink-connector 开发而成的hids的架构,agent 部分使用go 开发而成, 会把采集的数据写入到kafka里面,由后端的规则引擎(go开发而成)消费,配置部分以及agent存活使用etcd。☆19Updated 4 years ago
- honeypot proxy☆109Updated 6 years ago
- Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the comm…☆98Updated 2 years ago
- 2017年底将至,正恰逢笔者的小棉袄出身,也是对人生这段时间的总结,决定写点东西留作纪念。 如有任何问题,可以联系我(liaixian1130@gmail.com,小棉袄小名:艾娴^_^)。欢迎技术交流,喷子勿扰了。文章中理论会提一部分,基本都是言简意赅,只说重点,完全以实…☆42Updated 7 years ago
- By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.☆600Updated 4 years ago
- dpdk infrastructure for software acceleration. Currently working on RX and ACL pre-filter☆91Updated 4 years ago
- GO开发而成,用于NIDS HIDS 分析的规则引擎,使用WorkerPool 高性能检测,支持多字段 "和" "或" 检测, 支持频率检测☆77Updated 5 months ago
- Linux命令转发记录☆64Updated 6 years ago
- 基于docker虚拟化��的恶意代码沙箱☆71Updated 6 years ago
- himqtt是首款完整源码的高性能MQTT物联网防火墙 - MQTT Application FireWall,采用epoll模式支持高并发连接。☆122Updated last year
- Source code of DDG Mining Botnet tracker☆60Updated 4 years ago
- rootkit sample code of my tutorials on Freebuf.com☆17Updated 9 years ago
- check_IP is to judge whether a IP is malicious based on open threat intelligence,基于开源威胁情报AlienVault,排查IP地址及域名的恶意性☆52Updated 6 years ago
- 基于行为的Ransomware检测原型☆40Updated 7 years ago
- ☆17Updated 6 years ago
- 安全开发教学 - 用Docker制作一个高交互ssh蜜罐☆70Updated 6 years ago
- A regular language recognizer generater like Ragel, enhanced with features to approximate context-free grammars and substring grammars☆98Updated 8 years ago
- TLS 技术原理与 1.0协议旁路解密实现方法☆26Updated 6 years ago