johnjohnsp1 / capsule8Links
Capsule8: open-source cloud-native behavioral security monitoring
☆33Updated 7 years ago
Alternatives and similar repositories for capsule8
Users that are interested in capsule8 are comparing it to the libraries listed below
Sorting:
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆135Updated 2 years ago
- ☆185Updated last week
- Yara powered NIDS with high speed packet capture powered by PF_RING☆69Updated last year
- Linux Kernel Runtime Integrity with eBPF☆182Updated last year
- Linux EDR written in Golang and based on eBPF.☆244Updated 3 years ago
- ☆55Updated last year
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆117Updated 2 years ago
- Linux endpoint events for BPF enabled systems☆24Updated 2 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆150Updated 3 years ago
- A repository for OSSEC rules and decoders☆54Updated 2 years ago
- Red Canary's eBPF Sensor☆109Updated 2 months ago
- INTERCEPT / Policy as Code Auditing & Compliance☆86Updated 3 months ago
- This is a PoC exploit for CVE-2020-8559 Kubernetes Vulnerability☆54Updated 5 years ago
- SysFlow documentation and issues tracker☆45Updated 11 months ago
- utmp file dumper, written in golang. Output to json or tsv or csv.☆33Updated last year
- Example program using eBPF to log data being based in using shell pipes☆41Updated 4 years ago
- A parser for NASL.☆45Updated 2 years ago
- Vault Exploit Defense☆128Updated 11 months ago
- Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))☆31Updated 5 years ago
- DNSpooq - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685)☆99Updated 4 years ago
- Copy: Linux process monitoring (exec, fork, exit, set*uid, set*gid)☆31Updated 3 years ago
- Resources for CloudNative security research☆32Updated 4 years ago
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)☆297Updated 9 months ago
- Trace deep kernel events through eBPF and lsm hooks☆37Updated 4 years ago
- Kubernetes POC for utilizing write mount to /var/log for getting a root on the host☆97Updated 4 years ago
- Accurate, modular, scalable PCAP manipulation tool written in Go.☆94Updated last year
- teler Resource Collections☆36Updated this week
- NVD/CVE as JSON files☆122Updated 2 weeks ago
- Vulnerability Scanner for Detecting Publicly Disclosed Vulnerabilities in Application Dependencies☆23Updated 6 years ago
- An eBPF detection program for CVE-2022-0847☆28Updated 3 years ago