johnjohnsp1 / capsule8Links
Capsule8: open-source cloud-native behavioral security monitoring
☆33Updated 7 years ago
Alternatives and similar repositories for capsule8
Users that are interested in capsule8 are comparing it to the libraries listed below
Sorting:
- Yara powered NIDS with high speed packet capture powered by PF_RING☆69Updated last year
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆138Updated 2 years ago
- ☆186Updated last week
- Linux Kernel Runtime Integrity with eBPF☆183Updated last year
- Linux endpoint events for BPF enabled systems☆24Updated 2 years ago
- go-libaudit is a library for communicating with the Linux Audit Framework.☆155Updated 4 months ago
- Red Canary's eBPF Sensor☆109Updated 3 months ago
- ☆55Updated last year
- Vault Exploit Defense☆128Updated last year
- Resources for CloudNative security research☆32Updated 4 years ago
- Example program using eBPF to log data being based in using shell pipes☆41Updated 4 years ago
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆117Updated 2 years ago
- A repository for OSSEC rules and decoders☆55Updated 2 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆150Updated 3 years ago
- Linux EDR written in Golang and based on eBPF.☆244Updated 3 years ago
- SysFlow documentation and issues tracker☆45Updated 11 months ago
- This is a PoC exploit for CVE-2020-8559 Kubernetes Vulnerability☆54Updated 5 years ago
- Kubernetes POC for utilizing write mount to /var/log for getting a root on the host☆98Updated 4 years ago
- Trace deep kernel events through eBPF and lsm hooks☆39Updated 4 years ago
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)☆298Updated 9 months ago
- NVD/CVE as JSON files☆122Updated this week
- 虚拟机带外内存监控☆14Updated 7 years ago
- WAFBench (wb) is a tool to measure the performance of WAF(Web Application Firewall) . It's based on latest code of ab (ApacheBench), and …☆112Updated 3 years ago
- JEB scripts for Golang executables analysis☆131Updated 5 years ago
- Shocker / Docker Breakout PoC☆121Updated 11 years ago
- Copy: Linux process monitoring (exec, fork, exit, set*uid, set*gid)☆31Updated 3 years ago
- Small C application designed to detect LD_PRELOAD malware via the libdl library functions.☆56Updated 9 years ago
- Next generation !☆68Updated 4 years ago
- DNSpooq - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685)☆99Updated 4 years ago
- Vulnerability Scanner for Detecting Publicly Disclosed Vulnerabilities in Application Dependencies☆23Updated 6 years ago