microsoft / SysinternalsEBPFLinks
The Linux port of the Sysinternals Sysmon tool.
☆276Updated 2 weeks ago
Alternatives and similar repositories for SysinternalsEBPF
Users that are interested in SysinternalsEBPF are comparing it to the libraries listed below
Sorting:
- Red Canary's eBPF Sensor☆110Updated 3 months ago
- convert ELF/DWARF symbol and type information into vol3's intermediate JSON☆134Updated last year
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF☆167Updated last year
- Windows Registry Knowledge Base☆187Updated last year
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆137Updated 2 years ago
- Detection in the form of Yara, Snort and ClamAV signatures.☆237Updated 11 months ago
- MSR Project Freta☆77Updated last year
- Library and tools to access the Windows Prefetch File (SCCA) format.☆79Updated 3 weeks ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆258Updated 2 years ago
- Linpmem is a linux memory acquisition tool☆88Updated 3 months ago
- capemon: CAPE's monitor☆127Updated this week
- Security testing tools for Windows sandboxing technologies☆172Updated 5 months ago
- This repository contains the demo material built on top of ebpf-for-windows platform.☆45Updated last year
- Sysmon for Linux☆1,965Updated 3 months ago
- Anything Sysmon related from the MSTIC R&D team☆156Updated last year
- A wireshark plugin to instrument ETW☆569Updated 3 years ago
- View ETW Provider manifest☆530Updated 11 months ago
- The common parts of the Sysinternals Sysmon tool shared between the Windows and Linux versions.☆64Updated 8 months ago
- Linux Kernel Runtime Integrity with eBPF☆183Updated last year
- Dectect syscall hooking using eBPF☆161Updated 2 years ago
- SysmonX - An Augmented Drop-In Replacement of Sysmon☆214Updated 6 years ago
- ☆150Updated last year
- Vault Exploit Defense☆128Updated last year
- A DTrace on Windows Reimplementation☆359Updated this week
- ☆89Updated last year
- Library and tools to access the Windows XML Event Log (EVTX) format☆213Updated last year
- A repository of my presentations☆168Updated last year
- ETW Python Library☆290Updated 2 years ago
- Elastic Security Labs releases☆81Updated this week
- Event Trace Log file parser in pure Python☆147Updated 4 years ago