Alternatives and similar repositories for sysflow:

Users that are interested in sysflow are comparing it to the libraries listed below

• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆101Updated 7 months ago
• Gui774ume / network-security-probe
  A process level network security monitoring and enforcement project for Kubernetes, using eBPF
  ☆42Updated 4 years ago
• rad-security / fingerprints
  A repository to store Rad Fingerprinting data.
  ☆23Updated 7 months ago
• mole-ids / mole
  Yara powered NIDS with high speed packet capture powered by PF_RING
  ☆68Updated 9 months ago
• sttor / awesome-osquery
  Osquery Resources
  ☆60Updated 5 years ago
• sysflow-telemetry / sf-processor
  SysFlow edge processing pipeline
  ☆15Updated last month
• falcosecurity / pdig
  ptrace-based event producer for udig
  ☆67Updated 2 years ago
• ancat / egrets
  egrets monitors egress
  ☆46Updated 4 years ago
• falcosecurity / rules
  Falco rule repository
  ☆112Updated last week
• Gui774ume / krie
  Linux Kernel Runtime Integrity with eBPF
  ☆172Updated last year
• linux-lock / bpflock
  bpflock - eBPF driven security for locking and auditing Linux machines
  ☆144Updated 3 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆68Updated last month
• joshbressers / cve-analysis
  Tools for conducting analysis of CVE data in Elasticsearch
  ☆74Updated 8 months ago
• yasindce1998 / KubeDagger
  Kubernetes offensive framework built in eBPF
  ☆37Updated last year
• falcosecurity / plugins
  Falco plugins registry
  ☆87Updated this week
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 3 weeks ago
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆100Updated 2 years ago
• falcosecurity / event-generator
  Generate a variety of suspect actions that are detected by Falco rulesets
  ☆101Updated this week
• sysflow-telemetry / sf-collector
  SysFlow collection probe
  ☆16Updated last month
• sysflow-telemetry / sf-apis
  SysFlow project APIs
  ☆15Updated 8 months ago
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆137Updated this week
• falcosecurity / driverkit
  Kit for building Falco drivers: kernel modules or eBPF probes
  ☆65Updated this week
• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆62Updated 2 weeks ago
• center-for-threat-informed-defense / mappings-explorer
  Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…
  ☆54Updated this week
• AbGuthrie / goquery
  Provide a shell like interface by utilizing osquery's distributed API
  ☆81Updated 4 years ago
• Loginsoft-LLC / Linux-Exploit-Detection
  Linux based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma
  ☆21Updated last year
• falcosecurity-retire / cloud-native-security-hub
  Cloud Native Security Hub - Security Resources
  ☆54Updated 4 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆130Updated 6 months ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆69Updated 4 years ago
• jgamblin / CVElk
  Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data
  ☆49Updated 7 months ago