redcanaryco / redcanary-ebpf-sensorLinks
Red Canary's eBPF Sensor
☆107Updated last week
Alternatives and similar repositories for redcanary-ebpf-sensor
Users that are interested in redcanary-ebpf-sensor are comparing it to the libraries listed below
Sorting:
- ☆88Updated 11 months ago
- Linux Kernel Runtime Integrity with eBPF☆179Updated last year
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆132Updated 2 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆147Updated 3 years ago
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF☆158Updated 9 months ago
- The Linux port of the Sysinternals Sysmon tool.☆263Updated 3 months ago
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆116Updated 2 years ago
- monitor and protect SSH sessions with eBPF☆69Updated 3 years ago
- Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG App…☆65Updated 2 months ago
- An eBPF playground☆206Updated last year
- A Rust library for managing eBPF programs.☆120Updated last year
- Elastic's eBPF☆68Updated 2 weeks ago
- Cisco Orbital - Osquery queries by Talos☆134Updated 9 months ago
- Trace deep kernel events through eBPF and lsm hooks☆37Updated 4 years ago
- A process level network security monitoring and enforcement project for Kubernetes, using eBPF☆43Updated 5 years ago
- Linpmem is a linux memory acquisition tool☆84Updated last year
- Anything Sysmon related from the MSTIC R&D team☆153Updated last year
- Dectect syscall hooking using eBPF☆154Updated 2 years ago
- Falco rule repository☆126Updated this week
- Open source endpoint agent providing host information to Zeek. [v2]☆83Updated this week
- A guide on how to write fast and memory friendly YARA rules☆144Updated 4 months ago
- Osquery Resources☆60Updated 5 years ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆249Updated 2 years ago
- Alternative YARA scanning engine☆70Updated 2 years ago
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆113Updated 9 months ago
- convert ELF/DWARF symbol and type information into vol3's intermediate JSON☆122Updated 8 months ago
- An implementation of a Windows Event Collector server running on GNU/Linux.☆73Updated last month
- eBPF - extended Berkeley Packet Filter tooling☆122Updated 2 years ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆224Updated last week
- SysFlow documentation and issues tracker☆46Updated 8 months ago