gojue / ehids-agentLinks
A Linux Host-based Intrusion Detection System based on eBPF.
☆447Updated last year
Alternatives and similar repositories for ehids-agent
Users that are interested in ehids-agent are comparing it to the libraries listed below
Sorting:
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)☆301Updated 10 months ago
- vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that…☆400Updated last month
- A golang ebpf libary based on cilium/ebpf and datadog/ebpf.☆341Updated 5 months ago
- Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the comm…☆100Updated 2 years ago
- Inject ELF into remote process☆151Updated 2 years ago
- vArmor-ebpf is a specialized project dedicated to maintaining the BPF code utilized by vArmor.☆35Updated last month
- 《eBPF 云原生安全:原理与实践》书中示例程序的完整源代码☆109Updated 10 months ago
- By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.☆604Updated 4 years ago
- 《云原生安全:攻防实践与体系构建》资料仓库☆768Updated 2 years ago
- Collection of Linux eBPF slides/documents.☆966Updated last year
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆666Updated last year
- 通过Linux netlink NETLINK_CONNECTOR 协议实时进行监控本机进程情况。☆13Updated 6 years ago
- SQL / SQLI tokenizer parser analyzer☆216Updated 7 months ago
- ebpfkit is a rootkit powered by eBPF☆815Updated 2 years ago
- Linux EDR written in Golang and based on eBPF.☆244Updated 3 years ago
- GO开发而成,用于NIDS HIDS 分析的规则引擎,使用WorkerPool 高性能检测,支持多字段 "和" "或" 检测, 支持频率检测☆77Updated 8 months ago
- 与 eBPF 相关的精选项目的中文清单 (自动翻译自 https://github.com/zoidyzoidzoid/awesome-ebpf)☆108Updated 2 months ago
- ☆281Updated 3 weeks ago
- QNSM is network security monitoring framework based on DPDK.☆528Updated 4 years ago
- Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and ser…☆2,517Updated 2 weeks ago
- 专注于JVM的运行时防御系统RASP☆288Updated last year
- 一个由长亭自研,直观而可扩展的容器安全 SDK☆119Updated 2 years ago
- Go Agent is a go application probe of DongTai IAST, which collects method invocation data during runtime of Go application by dynamic hoo…☆42Updated 9 months ago
- Suricata安装部署&丢包优化&性能调优&规则调整&Pfring设置☆142Updated 6 years ago
- Learning eBPF from zero to hero☆37Updated last year
- 使用 cgroups + etcd + kafka + netlink-connector 开发而成的hids的架构,agent 部分使用go 开发而成, 会把采集的数据写入到kafka里面,由后端的规则引擎(go开发而成)消费,配置部分以及agent存活使用etcd。☆19Updated 4 years ago
- The BTFhub Archive repository provides BTF files for those published kernels that lack native support for embedded BTF, thereby enhancing…☆122Updated last week
- Linux技术栈☆889Updated last year
- Metarget is a framework providing automatic constructions of vulnerable infrastructures.☆1,320Updated 6 months ago
- kprobes template☆60Updated 4 years ago