Alternatives and similar repositories for sysflow

Users that are interested in sysflow are comparing it to the libraries listed below

• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆109Updated 2 months ago
• falcosecurity / rules
  Falco rule repository
  ☆131Updated last month
• Gui774ume / network-security-probe
  A process level network security monitoring and enforcement project for Kubernetes, using eBPF
  ☆43Updated 5 years ago
• rad-security / fingerprints
  A repository to store Rad Fingerprinting data.
  ☆24Updated last year
• OISF / suricata-verify
  Suricata Verification Tests - Testing Suricata Output
  ☆112Updated this week
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆79Updated 2 months ago
• OpenSCAP / oval-graph
  Understand OVAL results in a blink of an eye
  ☆35Updated 3 years ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆85Updated this week
• falcosecurity / event-generator
  Generate a variety of suspect actions that are detected by Falco rulesets
  ☆106Updated 2 months ago
• mole-ids / mole
  Yara powered NIDS with high speed packet capture powered by PF_RING
  ☆69Updated last year
• center-for-threat-informed-defense / mappings-explorer
  Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…
  ☆70Updated last week
• wiz-sec-public / peach-framework
  PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…
  ☆71Updated 2 years ago
• kube-tarian / tarian
  Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti…
  ☆56Updated 8 months ago
• falcosecurity / driverkit
  Kit for building Falco drivers: kernel modules or eBPF probes
  ☆66Updated last week
• sttor / awesome-osquery
  Osquery Resources
  ☆61Updated 6 years ago
• linux-lock / bpflock
  bpflock - eBPF driven security for locking and auditing Linux machines
  ☆149Updated 3 years ago
• brimdata / brimcap
  Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
  ☆83Updated 3 months ago
• elastic / ebpf
  Elastic's eBPF
  ☆69Updated last week
• blackberry / Falco-bypasses
  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).
  ☆83Updated last year
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆134Updated last year
• ossec / ossec-rules
  A repository for OSSEC rules and decoders
  ☆54Updated 2 years ago
• yasindce1998 / KubeDagger
  Kubernetes offensive framework built in eBPF
  ☆38Updated 2 years ago
• k8s-sec / k8s-sec.github.io
  Links and resources for the O'Reilly Kubernetes Security book
  ☆98Updated 4 years ago
• ishiDACo / vulsrepo
  VulsRepo is visualized based on the json report output in vuls.
  ☆35Updated 3 years ago
• falcosecurity / pdig
  ptrace-based event producer for udig
  ☆67Updated 3 years ago
• ancat / egrets
  egrets monitors egress
  ☆46Updated 5 years ago
• openclarity / vmclarity
  VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities
  ☆102Updated 10 months ago
• opencybersecurityalliance / documentation
  OCA-wide documentation shared by all sub-projects and repositories
  ☆33Updated 9 months ago
• wazuh / wazuh-splunk
  Wazuh - Splunk App
  ☆56Updated 11 months ago
• swagitda / security-decision-trees-graphviz
  Decision trees generated via Graphviz to inform pragmatic threat modelling.
  ☆11Updated 4 years ago