Linux audit userspace repository
☆700 Feb 28, 2026 Updated this week
Alternatives and similar repositories for audit-userspace
Users that are interested in audit-userspace are comparing it to the libraries listed below
- GitHub mirror of the Linux Kernel's audit repository ☆158 Feb 23, 2026 Updated last week
- Documentation and specifications ☆203 Jan 24, 2025 Updated last year
- Best Practice Auditd Configuration ☆1,764 Nov 27, 2025 Updated 3 months ago
- This is an R shiny app that visualizes audit data using many tools all in one app. ☆37 Jun 4, 2021 Updated 4 years ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework ☆822 Jul 8, 2020 Updated 5 years ago
- A simple, self-contained regression test suite for the Linux Kernel's audit subsystem ☆24 Dec 16, 2025 Updated 2 months ago
- go-audit is an alternative to the auditd daemon that ships with many distros ☆1,658 Dec 22, 2025 Updated 2 months ago
- Cloud Native Runtime Security ☆8,690 Feb 23, 2026 Updated last week
- Anything Sysmon related from the MSTIC R&D team ☆156 Jun 8, 2024 Updated last year
- This is the upstream repository for the Security Enhanced Linux (SELinux) userland libraries and tools. The software provided by this pro… ☆1,560 Feb 2, 2026 Updated last month
- OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, roo… ☆5,019 Feb 9, 2026 Updated 3 weeks ago
- A repository for using osquery for incident detection and response ☆881 Sep 8, 2025 Updated 5 months ago
- ☆41 Jan 15, 2021 Updated 5 years ago
- Wazuh - Ruleset ☆508 Sep 19, 2024 Updated last year
- Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and sys… ☆15,339 Jan 28, 2026 Updated last month
- Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OIS… ☆6,022 Updated this week
- Linux system exploration and troubleshooting tool with first class support for containers ☆8,208 Jan 29, 2026 Updated last month
- Linux Runtime Security and Forensics using eBPF ☆4,388 Feb 18, 2026 Updated last week
- BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more ☆22,250 Feb 24, 2026 Updated last week
- Mapping the MITRE ATT&CK Matrix with Osquery ☆806 May 11, 2023 Updated 2 years ago
- Collection of Auditd Examples and Presentations ☆88 Oct 16, 2020 Updated 5 years ago
- go-libaudit is a library for communicating with the Linux Audit Framework. ☆156 May 15, 2025 Updated 9 months ago
- Linux Kernel Runtime Guard ☆574 Jan 30, 2026 Updated last month
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes. ☆119 Feb 13, 2026 Updated 2 weeks ago
- Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads. ☆14,828 Updated this week
- Auditd plugin that forwards audit events to OMS Agent for Linux ☆28 Jan 28, 2026 Updated last month
- Upstream shadow tree ☆370 Feb 24, 2026 Updated last week
- Main Sigma Rule Repository ☆10,145 Feb 19, 2026 Updated last week
- GRR Rapid Response: remote live forensics for incident response ☆5,041 Feb 16, 2026 Updated 2 weeks ago
- aide source code ☆686 Jan 31, 2026 Updated last month
- Transform Linux Audit logs for SIEM usage ☆815 Updated this week
- Linux #rootkit and #malware revealer ☆31 Aug 1, 2024 Updated last year
- CEF plugin for audisp (Linux Audit) ☆23 Aug 19, 2016 Updated 9 years ago
- ☆3,088 Updated this week
- bpflock - eBPF driven security for locking and auditing Linux machines ☆151 Feb 16, 2022 Updated 4 years ago
- Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. ☆7,496 Updated this week
- A flexible control server for osquery fleets ☆1,099 Dec 15, 2020 Updated 5 years ago
- Linux PAM (Pluggable Authentication Modules for Linux) project ☆762 Feb 18, 2026 Updated last week
- A Linux version of the ProcDump Sysinternals tool ☆3,058 Nov 11, 2025 Updated 3 months ago