Alternatives and similar repositories for sysflow:

Users that are interested in sysflow are comparing it to the libraries listed below

• Gui774ume / network-security-probe
  A process level network security monitoring and enforcement project for Kubernetes, using eBPF
  ☆42Updated 4 years ago
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆101Updated 6 months ago
• ancat / egrets
  egrets monitors egress
  ☆46Updated 4 years ago
• sttor / awesome-osquery
  Osquery Resources
  ☆60Updated 5 years ago
• mole-ids / mole
  Yara powered NIDS with high speed packet capture powered by PF_RING
  ☆67Updated 8 months ago
• sysflow-telemetry / sf-collector
  SysFlow collection probe
  ☆16Updated 3 weeks ago
• falcosecurity / rules
  Falco rule repository
  ☆105Updated this week
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆66Updated 2 weeks ago
• regit / suriwire
  Wireshark plugin to display Suricata analysis info
  ☆93Updated 3 years ago
• joshbressers / cve-analysis
  Tools for conducting analysis of CVE data in Elasticsearch
  ☆74Updated 6 months ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆129Updated 5 months ago
• rad-security / fingerprints
  A repository to store Rad Fingerprinting data.
  ☆23Updated 5 months ago
• OISF / suricata-verify
  Suricata Verification Tests - Testing Suricata Output
  ☆104Updated this week
• Gui774ume / krie
  Linux Kernel Runtime Integrity with eBPF
  ☆172Updated last year
• wiz-sec-public / peach-framework
  PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…
  ☆67Updated 2 years ago
• brimdata / brimcap
  Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
  ☆79Updated 3 months ago
• falcosecurity / pdig
  ptrace-based event producer for udig
  ☆67Updated 2 years ago
• OTRF / openhunt
  ☆33Updated 3 years ago
• falcosecurity / driverkit
  Kit for building Falco drivers: kernel modules or eBPF probes
  ☆65Updated this week
• falcosecurity / plugins
  Falco plugins registry
  ☆87Updated this week
• Zeerg / helix-honeypot
  K8s API Honeypot with Active Defense Capabilities
  ☆40Updated last year
• sysflow-telemetry / sf-apis
  SysFlow project APIs
  ☆15Updated 7 months ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 2 months ago
• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆60Updated last month
• blackberry / Falco-bypasses
  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).
  ☆80Updated last year
• spyre-project / spyre
  simple YARA-based IOC scanner
  ☆165Updated 3 weeks ago
• OpenSCAP / oval-graph
  Understand OVAL results in a blink of an eye
  ☆35Updated 2 years ago
• DCSO / fever
  fast, extensible, versatile event router for Suricata's EVE-JSON format
  ☆51Updated 6 months ago
• redcanaryco / ebpfmon
  ☆85Updated 6 months ago
• sysflow-telemetry / sf-processor
  SysFlow edge processing pipeline
  ☆14Updated 2 weeks ago