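A rule engine written in Go for NIDS/HIDS analysis; uses a WorkerPool for high-performance detection and supports multi-field "and"/"or" matching as well as frequency-based detection.
☆78 Feb 8, 2025 Updated last year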
Alternatives and similar repositories for RuleCat
Users that are interested in RuleCat are comparing it to the libraries listed below
- The agent is written in Go using a plugin architecture; configuration and agent liveness tracking use etcd. ☆20 Aug 2, 2021 Updated 4 years ago
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly) ☆305 Nov 30, 2024 Updated last year
- Linux agent for deception defense ☆13 Jul 26, 2021 Updated 4 years ago
- In the prototype stage ☆20 Nov 30, 2021 Updated 4 years ago
- A Linux Host-based Intrusion Detection System based on eBPF. ☆457 Dec 20, 2023 Updated 2 years ago
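- A reimplementation of Chaitin xray's PoC detection feature using cel-go ☆297 Jun 24, 2022 Updated 3 years ago
- 🌏 [WIP] To be migrated to cdk-team/document once organized; CDK documentation covering various container and K8s attack and defense scenarios. ☆25 Apr 16, 2022 Updated 3 years ago
- OAuth2 research: implementation code, vulnerability exploitation, and fixes ☆19 May 21, 2019 Updated 6 years ago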
- Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and ser… ☆2,559 Updated this week
- Sep0lkit's Blog ☆15 Apr 18, 2020 Updated 5 years ago
- An extensible honeypot framework written in Go ☆17 Feb 24, 2022 Updated 4 years ago
- Extract passwords from memory with strace ☆41 Nov 17, 2021 Updated 4 years ago
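- Open-source threat intelligence comprising 3 components (2 query APIs, 1 front end) and 3 million+ malicious IPs; the threat intelligence query API, built with Go + Redis, performs well, and the malicious IP list is continuously updated. ☆130 Oct 14, 2022 Updated 3 years ago
- A Go version of nc that supports most commonly used features and adds RC4 encryption of traffic ☆38 Nov 18, 2020 Updated 5 years ago
- Parses the Wappalyzer fingerprint library in Go; identification is not yet supported ☆13 Oct 10, 2020 Updated 5 years ago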
- By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill. ☆603 Apr 1, 2021 Updated 4 years ago
- Penetration testing retrospective summaries ☆15 Jul 16, 2020 Updated 5 years ago
- Security orchestration, automation and response platform ☆62 Dec 16, 2020 Updated 5 years ago
- Yara powered NIDS with high speed packet capture powered by PF_RING ☆69 May 11, 2024 Updated last year
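- A safe, fast, high-interaction, enterprise-grade honeypot management system for HW (护网) exercises; supports honeypots for multiple protocols, honeytokens, decoys, and more. A safe, fast, highly interactive and enterprise level honeypot management system, supports mult… ☆1,273 Oct 17, 2023 Updated 2 years ago
- Suricata IDS rules for detecting red-team intrusion, malicious behavior, and so on; supports detection of CobaltStrike/MSF/Empire/DNS tunneling/Weevely/China Chopper (菜刀)/Behinder (冰蝎)/cryptomining/reverse shells/ICMP tunneling, etc. ☆1,262 Jul 8, 2023 Updated 2 years ago
- [archived] An experimental host-based intrusion detection system ☆2,189 Jun 29, 2020 Updated 5 years ago
- A foolproof vulnerability PoC testing framework ☆1,444 Oct 30, 2023 Updated 2 years ago
- Detects most CobaltStrike shellcode in 40 lines of code ☆294 Jul 25, 2021 Updated 4 years ago
- A system that may trick hackers. A mimicry-based deception system targeting hackers. ☆454 Nov 20, 2025 Updated 3 months ago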
- An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability ☆469 Sep 16, 2023 Updated 2 years ago
- golang shellcode loader; loads and executes from remote image steganography, without writing files to disk ☆191 Feb 12, 2022 Updated 4 years ago
- x-crack - Weak password scanner, Support: FTP/SSH/SNMP/MSSQL/MYSQL/PostGreSQL/REDIS/ElasticSearch/MONGODB ☆1,283 May 22, 2024 Updated last year
- Detects the vast majority of so-called AV-evading in-memory trojans ☆735 Sep 15, 2022 Updated 3 years ago
- Linux EDR written in Golang and based on eBPF. ☆243 May 24, 2022 Updated 3 years ago
- Real-time Behinder (冰蝎) traffic detection based on Flink ☆39 Sep 30, 2019 Updated 6 years ago
- async in golang ☆12 Oct 31, 2025 Updated 4 months ago
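- Companion code for the book 《白帽子安全开发实战》 (White Hat Security Development in Practice) ☆994 Mar 15, 2021 Updated 4 years ago
- The world's most powerful System Activity Monitor Engine · A powerful endpoint behavior collection and defense development kit ~ aims to help endpoint security software such as EDR, zero trust, data security, and audit/control products implement product features quickly, without having to worry about the underlying… ☆373 Feb 19, 2025 Updated last year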
- ☆145 Jun 20, 2018 Updated 7 years ago
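- Linux command forwarding and recording ☆62 Jul 15, 2019 Updated 6 years ago
- An intuitive and extensible container security SDK developed in-house by Chaitin ☆121 May 26, 2023 Updated 2 years ago
- asset-scan is a periodic scanning and monitoring system for external network assets, suited to in-house enterprise security teams ☆240 Apr 19, 2020 Updated 5 years ago
- A RASP tool for defending against the log4j2 CVE-2021-44228 vulnerability. A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-442… ☆126 Dec 11, 2021 Updated 4 years ago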