Alternatives and similar repositories for sysflow

Users that are interested in sysflow are comparing it to the libraries listed below

• Gui774ume / network-security-probe
  A process level network security monitoring and enforcement project for Kubernetes, using eBPF
  ☆44Updated 5 years ago
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆113Updated 7 months ago
• mole-ids / mole
  Yara powered NIDS with high speed packet capture powered by PF_RING
  ☆69Updated last year
• joshbressers / cve-analysis
  Tools for conducting analysis of CVE data in Elasticsearch
  ☆73Updated 6 months ago
• falcosecurity / event-generator
  Generate a variety of suspect actions that are detected by Falco rulesets
  ☆115Updated 8 months ago
• falcosecurity / rules
  Falco rule repository
  ☆153Updated last week
• Gui774ume / krie
  Linux Kernel Runtime Integrity with eBPF
  ☆184Updated 2 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆84Updated last month
• falcosecurity / driverkit
  Kit for building Falco drivers: kernel modules or eBPF probes
  ☆69Updated this week
• OpenSCAP / oval-graph
  Understand OVAL results in a blink of an eye
  ☆35Updated 3 years ago
• ossec / ossec-rules
  A repository for OSSEC rules and decoders
  ☆55Updated 2 years ago
• rad-security / fingerprints
  A repository to store Rad Fingerprinting data.
  ☆24Updated last year
• wiz-sec-public / peach-framework
  PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…
  ☆74Updated 3 years ago
• kube-tarian / tarian
  Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti…
  ☆58Updated last year
• elastic / ebpf
  Elastic's eBPF
  ☆73Updated last week
• tarsal-oss / kflowd
  Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG App…
  ☆71Updated 9 months ago
• OISF / suricata-verify
  Suricata Verification Tests - Testing Suricata Output
  ☆118Updated last week
• aquasecurity / vuln-list-update
  ☆191Updated 2 weeks ago
• antitree / syscall2seccomp
  Build custom Docker seccomp profiles for containers by finding syscalls it uses.
  ☆91Updated 3 months ago
• linux-lock / bpflock
  bpflock - eBPF driven security for locking and auditing Linux machines
  ☆151Updated 3 years ago
• Zeerg / helix-honeypot
  K8s API Honeypot with Active Defense Capabilities
  ☆44Updated 2 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆136Updated last year
• falcosecurity / pdig
  ptrace-based event producer for udig
  ☆67Updated 3 years ago
• yasindce1998 / KubeDagger
  Kubernetes offensive framework built in eBPF
  ☆39Updated 2 years ago
• blackberry / Falco-bypasses
  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).
  ☆88Updated 2 years ago
• falcosecurity / plugins
  Falco plugins registry
  ☆113Updated this week
• Gui774ume / ebpfkit-monitor
  ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
  ☆139Updated 2 years ago
• vmware-archive / cbsensor-linux-bpf
  Linux endpoint events for BPF enabled systems
  ☆24Updated 3 years ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆90Updated last week
• satta / gommunityid
  Go implementation of the Community ID flow hashing standard
  ☆21Updated 9 months ago