njcx / Artemis_HIDSLinks
使用 cgroups + etcd + kafka + netlink-connector 开发而成的hids的架构,agent 部分使用go 开发而成, 会把采集的数据写入到kafka里面,由后端的规则引擎(go开发而成)消费,配置部分以及agent存活使用etcd。
☆19Updated 4 years ago
Alternatives and similar repositories for Artemis_HIDS
Users that are interested in Artemis_HIDS are comparing it to the libraries listed below
Sorting:
- GO开发而成,用于NIDS HIDS 分析的规则引擎,使用WorkerPool 高性能检测,支持多字段 "和" "或" 检测, 支持频率检测☆77Updated 7 months ago
- Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the comm…☆99Updated 2 years ago
- 通过Linux netlink NETLINK_CONNECTOR 协议实时进行监控本机进程情况。☆13Updated 5 years ago
- Suricata安装部署&丢包优化&性能调优&规则调整&Pfring设置☆143Updated 5 years ago
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)☆298Updated 10 months ago
- HIDS全称是Host-based Intrusion Detection System,即基于主机型入侵检测系统,HIDS运行依赖这样一个原理:一个成功的入侵者一般而言都会留下他们入侵的痕迹。本人更倾向于通过记录主机的重要信息变更来发现入侵者。 本项目由两部分组成:一部分…☆106Updated 7 years ago
- Copy: Linux process monitoring (exec, fork, exit, set*uid, set*gid)☆31Updated 3 years ago
- Linux命令转发记录☆64Updated 6 years ago
- A simple web platform for WatchAD☆110Updated 2 years ago
- Go Agent is a go application probe of DongTai IAST, which collects method invocation data during runtime of Go application by dynamic hoo…☆41Updated 8 months ago
- 天御攻防实验室 - 威胁猎杀实战系列☆102Updated 6 years ago
- ☆30Updated last year
- Enterprise Security Data Pipeline Platform (SDPP) with Integrated Real-Time Threat Detection Engine☆54Updated last week
- A Flexible Log Analysis System Based on Golang and Lua-Plugins. 插件化的准实时日志分析系统。☆94Updated 4 years ago
- 安全开发教学 - 用Docker制作一个高交互ssh蜜罐☆71Updated 7 years ago
- ☆24Updated last year
- IDS协议识别测试流量☆21Updated 6 years ago
- 威胁情报采集系统☆33Updated 2 years ago
- 红蓝对抗量化评估系统(Red Team Assessment Scoring System)☆210Updated 2 years ago
- 一个免费的镜像漏洞扫描工具, 可以扫描镜像中已安装软件包的漏洞,支持中文漏洞库,可与 Harbor 无缝集成。☆107Updated 3 years ago
- tcppc: A simple honeypot to capture TCP/TLS/UDP payloads on ALL ports.☆35Updated 5 years ago
- ATT&CK 中文版☆61Updated 8 months ago
- 企业安全测试主动攻击型蜜罐钓鱼框架系统☆39Updated 4 years ago
- 安全编排与自动化响应平台☆62Updated 4 years ago
- a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数,避开基于execve系统调用监控的命令日志☆242Updated 6 years ago
- 资料分享☆228Updated last year
- 一个由长亭自研,直观而可扩展的容器安全 SDK☆122Updated 2 years ago
- ☆30Updated 2 years ago
- 开源威胁情报,包含3个组件,2个查询API,1个前端,300万+恶意IP,Go +Redis开发的威胁情报查询API性能良好,恶意IP一直在更新。☆130Updated 2 years ago
- 一款企业安全主动攻击型蜜罐钓鱼框架系统☆115Updated 6 years ago