gojue / ehids-agent
A Linux Host-based Intrusion Detection System based on eBPF.
☆439Updated last year
Alternatives and similar repositories for ehids-agent:
Users that are interested in ehids-agent are comparing it to the libraries listed below
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)☆292Updated 5 months ago
- A golang ebpf libary based on cilium/ebpf and datadog/ebpf.☆330Updated last month
- vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that…☆362Updated last week
- Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the comm…☆95Updated 2 years ago
- A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29☆603Updated 10 months ago
- By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.☆595Updated 4 years ago
- ebpfkit is a rootkit powered by eBPF☆793Updated 2 years ago
- Inject ELF into remote process☆137Updated last year
- ☆269Updated 8 months ago
- Collection of Linux eBPF slides/documents.☆926Updated last year
- 《云原生安全:攻防实践与体系构建》资料仓库☆750Updated 2 years ago
- Examples for libbpf, aquasecurity/libbpfgo and cilium/ebpf☆169Updated last week
- 《eBPF 云原生安全:原理与实践》书中示例程序的完整源代码☆97Updated 5 months ago
- The BTFhub Archive repository provides BTF files for those published kernels that lack native support for embedded BTF, thereby enhancing…☆109Updated last week
- QNSM is network security monitoring framework based on DPDK.☆525Updated 3 years ago
- Learn something interesting by examples.☆68Updated last month
- 与 eBPF 相关的精选项目的中文清单☆96Updated 2 years ago
- 极客时间专栏《eBPF 核心技术与实战》案例☆346Updated last week
- A Toolchain to make Build and Run eBPF programs easier☆743Updated 8 months ago
- libsinsp, libscap, the kernel module driver, and the eBPF driver sources☆265Updated this week
- BTFhub, in collaboration with the BTFhub Archive repository, supplies BTF files for all published kernels that lack native support for em…☆425Updated 2 weeks ago
- Linux EDR written in Golang and based on eBPF.☆238Updated 2 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆147Updated 3 years ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆130Updated 2 years ago
- Metarget is a framework providing automatic constructions of vulnerable infrastructures.☆1,235Updated 3 weeks ago
- learn how to use BPF/eBPF☆495Updated 2 years ago
- 一个由长亭自研,直观而可扩展的容器安全 SDK☆121Updated last year
- 专注于JVM的运行时防御系统RASP☆284Updated 10 months ago
- a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数,避开基于execve系统调用监控的命令日志☆242Updated 6 years ago
- vArmor-ebpf is a specialized project dedicated to maintaining the BPF code utilized by vArmor.☆31Updated last week