gojue / ehids-agent
A Linux Host-based Intrusion Detection System based on eBPF.
☆457 · Dec 20, 2023 · Updated 2 years ago
Alternatives and similar repositories for ehids-agent
Users that are interested in ehids-agent are comparing it to the libraries listed below
- Hades is a Host-Based Intrusion Detection System based on eBPF (mainly) ☆305 · Nov 30, 2024 · Updated last year
- A golang ebpf library based on cilium/ebpf and datadog/ebpf. ☆348 · May 18, 2025 · Updated 8 months ago
- Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and ser… ☆2,558 · Updated this week
- ebpfkit is a rootkit powered by eBPF ☆831 · Feb 28, 2023 · Updated 2 years ago
- Collection of Linux eBPF slides/documents. ☆978 · Nov 15, 2023 · Updated 2 years ago
- ☆49 · Mar 19, 2022 · Updated 3 years ago
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin. ☆1,659 · Oct 19, 2023 · Updated 2 years ago
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29 ☆680 · Jul 7, 2024 · Updated last year
- Linux EDR written in Golang and based on eBPF. ☆244 · May 24, 2022 · Updated 3 years ago
- Linux Kernel Runtime Integrity with eBPF ☆184 · Nov 23, 2023 · Updated 2 years ago
- Linux Runtime Security and Forensics using eBPF ☆4,362 · Updated this week
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities. ☆1,937 · Apr 7, 2024 · Updated last year
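- Suricata IDS rules for detecting red-team penetration, malicious behavior, etc.; supports detecting CobaltStrike/MSF/Empire/DNS tunneling/Weevely/China Chopper/Behinder/cryptomining/reverse shells/ICMP tunneling, etc. ☆1,266 · Jul 8, 2023 · Updated 2 years ago
- ☆28 · Nov 24, 2021 · Updated 4 years ago
- 📦 Make security testing of K8s, Docker, and Containerd easier. ☆4,560 · Nov 5, 2025 · Updated 3 months ago
- vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that… ☆438 · Jan 26, 2026 · Updated 2 weeks ago
- Inject ELF into remote process ☆152 · Oct 20, 2023 · Updated 2 years ago
- A safe, fast, highly interactive and enterprise level honeypot management system for HW cyber-defense exercises; supports honeypots for multiple protocols, honeytokens, decoys and other features. ☆1,273 · Oct 17, 2023 · Updated 2 years ago
- Resource repository for the book "Cloud Native Security: Attack-Defense Practice and System Construction" (《云原生安全:攻防实践与体系构建》) ☆781 · Feb 19, 2023 · Updated 2 years ago
- eBPF-based Security Observability and Runtime Enforcement ☆4,405 · Updated this week
- An open source Host-based Intrusion Detection System (HIDS) based on Kprobe technology, from E_Bwill. ☆603 · Apr 1, 2021 · Updated 4 years ago
- An intuitive and extensible container security SDK developed in-house by Chaitin ☆121 · May 26, 2023 · Updated 2 years ago
- [WIP] A collection of my past talks and write-ups related to K8s, containers, and virtualization 🧐 ☆3,146 · Nov 6, 2025 · Updated 3 months ago
- veinmind-tools is a container security toolset developed in-house by Chaitin Tech and built on veinmind-sdk ☆1,645 · Jan 10, 2024 · Updated 2 years ago
- A RASP runtime defense system focused on the JVM ☆295 · Jun 14, 2024 · Updated last year
- A rule engine written in Go for NIDS/HIDS analysis; uses a WorkerPool for high-performance detection, supports multi-field "and"/"or" detection, and supports frequency detection ☆78 · Feb 8, 2025 · Updated last year
- A static code-audit application that uses ASM to perform taint-propagation analysis on bytecode (with extensive code comments added, suitable for studying the source code). Also adds discovery of Fastjson deserialization gadget chains and SQLInject (JdbcTemplate, MyBatis, JPA, Hibernate, native JDBC, etc.) … ☆458 · Mar 24, 2022 · Updated 3 years ago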
- Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64. ☆14,998 · Updated this week
- Detects the vast majority of so-called in-memory AV-evading trojans ☆735 · Sep 15, 2022 · Updated 3 years ago
- A repository for learning bpf ☆1,492 · Apr 30, 2022 · Updated 3 years ago
- Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynam… ☆696 · Dec 25, 2023 · Updated 2 years ago
- Detect syscall hooking using eBPF ☆168 · Apr 28, 2023 · Updated 2 years ago
- Windows CVE proactive defense (HIPS/HIDS) ☆56 · Apr 29, 2021 · Updated 4 years ago
- CodeQL study notes ☆900 · Apr 25, 2022 · Updated 3 years ago
- CloudWalker Platform ☆678 · Dec 14, 2022 · Updated 3 years ago
- "Understanding CodeQL in Depth" (《深入理解CodeQL》): Finding vulnerabilities with CodeQL. ☆1,752 · Nov 21, 2023 · Updated 2 years ago
- ZKar is a Java serialization protocol analysis tool implemented in Go. ☆643 · Feb 15, 2025 · Updated 11 months ago
- Metarget is a framework providing automatic constructions of vulnerable infrastructures. ☆1,366 · Apr 16, 2025 · Updated 9 months ago
- Attack Detection ☆1,364 · Aug 31, 2022 · Updated 3 years ago