johnjohnsp1 / capsule8
Capsule8: open-source cloud-native behavioral security monitoring
☆31Updated 7 years ago
Alternatives and similar repositories for capsule8:
Users that are interested in capsule8 are comparing it to the libraries listed below
- Yara powered NIDS with high speed packet capture powered by PF_RING☆69Updated 10 months ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆127Updated 2 years ago
- A collection of projects demonstrating various commandline cloaking techniques on Linux☆57Updated 2 years ago
- A repository for OSSEC rules and decoders☆54Updated last year
- An eBPF detection program for CVE-2022-0847☆28Updated 2 years ago
- Example program using eBPF to log data being based in using shell pipes☆41Updated 4 years ago
- Bro analyzer that detects Google's QUIC protocol☆10Updated 4 years ago
- Golang based web service to scan files with yara rules☆27Updated 7 years ago
- Slides, papers, etc☆31Updated 11 months ago
- Red Canary's eBPF Sensor☆101Updated 8 months ago
- YARI is an interactive debugger for YARA Language.☆87Updated 2 months ago
- ☆54Updated 8 months ago
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆118Updated last year
- A LKM rootkit for Linux kernel 2.6.x, 3.x and 4.x☆43Updated 8 years ago
- teler Resource Collections☆36Updated this week
- A dsniff project using bro☆10Updated 9 years ago
- CVE-2020-10749 PoC (Kubernetes MitM attacks via IPv6 rogue router advertisements)☆25Updated 4 years ago
- Tenable Nessus 6 API client in Go