Alternatives and similar repositories for sysflow

Users that are interested in sysflow are comparing it to the libraries listed below

• Gui774ume / network-security-probe
  A process level network security monitoring and enforcement project for Kubernetes, using eBPF
  ☆43Updated 4 years ago
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆107Updated 2 weeks ago
• sttor / awesome-osquery
  Osquery Resources
  ☆60Updated 5 years ago
• mole-ids / mole
  Yara powered NIDS with high speed packet capture powered by PF_RING
  ☆69Updated last year
• sysflow-telemetry / sf-collector
  SysFlow collection probe
  ☆16Updated 4 months ago
• joshbressers / cve-analysis
  Tools for conducting analysis of CVE data in Elasticsearch
  ☆74Updated 2 weeks ago
• yasindce1998 / KubeDagger
  Kubernetes offensive framework built in eBPF
  ☆37Updated 2 years ago
• rad-security / fingerprints
  A repository to store Rad Fingerprinting data.
  ☆24Updated 10 months ago
• Gui774ume / krie
  Linux Kernel Runtime Integrity with eBPF
  ☆177Updated last year
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆131Updated 9 months ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆70Updated 2 weeks ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated last month
• ancat / egrets
  egrets monitors egress
  ☆46Updated 5 years ago
• wiz-sec-public / peach-framework
  PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…
  ☆70Updated 2 years ago
• sysflow-telemetry / sf-processor
  SysFlow edge processing pipeline
  ☆16Updated 4 months ago
• falcosecurity / rules
  Falco rule repository
  ☆125Updated this week
• spyre-project / spyre
  simple YARA-based IOC scanner
  ☆169Updated 3 months ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆94Updated 4 years ago
• OTRF / openhunt
  ☆34Updated 3 years ago
• falcosecurity / driverkit
  Kit for building Falco drivers: kernel modules or eBPF probes
  ☆65Updated 2 weeks ago
• falcosecurity / pdig
  ptrace-based event producer for udig
  ☆67Updated 2 years ago
• opencybersecurityalliance / kestrel-lang
  Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
  ☆315Updated 8 months ago
• elastic / ebpf
  Elastic's eBPF
  ☆68Updated last month
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆71Updated 4 years ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated 11 months ago
• center-for-threat-informed-defense / mappings-explorer
  Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…
  ☆62Updated last month
• sealingtech / EDCOP
  Expandable Defensive Cyber Operations Platform
  ☆43Updated 2 years ago
• vfeedio / pyvfeed
  Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions
  ☆101Updated 2 years ago
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆150Updated this week
• bradleyjkemp / sigma-go
  A Go implementation and parser for Sigma rules.
  ☆89Updated 2 weeks ago