sysflow-telemetry / sysflowLinks
SysFlow documentation and issues tracker
☆46Updated 10 months ago
Alternatives and similar repositories for sysflow
Users that are interested in sysflow are comparing it to the libraries listed below
Sorting:
- Red Canary's eBPF Sensor☆108Updated last month
- A process level network security monitoring and enforcement project for Kubernetes, using eBPF☆43Updated 5 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆78Updated last month
- Yara powered NIDS with high speed packet capture powered by PF_RING☆69Updated last year
- Suricata Verification Tests - Testing Suricata Output☆112Updated 2 weeks ago
- Open source endpoint agent providing host information to Zeek. [v2]☆85Updated 3 weeks ago
- Generate a variety of suspect actions that are detected by Falco rulesets☆106Updated 2 months ago
- Falco rule repository☆130Updated last week
- A repository to store Rad Fingerprinting data.☆24Updated last year
- Kit for building Falco drivers: kernel modules or eBPF probes☆66Updated this week
- Cisco Orbital - Osquery queries by Talos☆134Updated 11 months ago
- Elastic's eBPF☆69Updated 3 weeks ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- simple YARA-based IOC scanner☆169Updated this week
- Linux Kernel Runtime Integrity with eBPF☆180Updated last year
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated last month
- Understand OVAL results in a blink of an eye☆35Updated 3 years ago
- Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)☆83Updated 3 months ago
- Expandable Defensive Cyber Operations Platform☆43Updated 2 years ago
- Build a local copy of MITRE ATT&CK and CAPEC. Server mode for easy querying.☆33Updated last month
- K8s API Honeypot with Active Defense Capabilities☆40Updated last year
- ☆89Updated last year
- bpflock - eBPF driven security for locking and auditing Linux machines☆149Updated 3 years ago
- Automated testing, generation & manipulation of #osquery packs☆73Updated 9 months ago
- Build a local copy of CPE(Common Platform Enumeration)☆103Updated last month
- ☆185Updated this week
- A repository for OSSEC rules and decoders☆54Updated last year
- Zeek package for tracking long connections to report them before they have completed.☆30Updated 3 weeks ago
- egrets monitors egress☆46Updated 5 years ago
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆71Updated 2 years ago