tarsal-oss / kflowd
Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG Application Messages via eBPF Subsystem
☆71 · Apr 10, 2025 · Updated 10 months ago
Alternatives and similar repositories for kflowd
Users that are interested in kflowd are comparing it to the libraries listed below
- OCSF Schema Validation ☆12 · Dec 13, 2024 · Updated last year
- Intent driven security automation framework ☆27 · Aug 12, 2025 · Updated 6 months ago
- SysFlow collection probe ☆16 · Nov 11, 2025 · Updated 3 months ago
- User space agent and eBPF programs that provide INT support to end hosts ☆15 · Jan 20, 2022 · Updated 4 years ago
- Goby CLI eBPF Project Generator ☆34 · Feb 8, 2025 · Updated last year
- ☆20 · Jun 14, 2022 · Updated 3 years ago
- Miscellaneous materials related to the "attested TLS" proof-of-concept ☆21 · Oct 25, 2023 · Updated 2 years ago
- This repo contains example of raw event examples and possible translations to the OCSF schema. ☆52 · Jul 31, 2025 · Updated 6 months ago
- Ebpf faqs, samples, tooling ☆45 · Jul 1, 2021 · Updated 4 years ago
- A tool to render a pie chart of memory usage (bytes_memlock) of BPF maps on the system 🥧 ☆21 · Jun 19, 2024 · Updated last year
- Generate datasets of cloud audit logs for common attacks ☆232 · Updated this week
- Tenzir is the data pipeline engine for security teams. ☆719 · Updated this week
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) ☆225 · Sep 4, 2024 · Updated last year
- Open source endpoint agent providing host information to Zeek. [v2] ☆90 · Jan 26, 2026 · Updated 2 weeks ago
- ☆29 · Dec 3, 2022 · Updated 3 years ago
- ☆27 · Mar 2, 2023 · Updated 2 years ago
- Zeek package to generate a SMB client fingerprint ☆27 · May 5, 2020 · Updated 5 years ago
- eBPF Map Prometheus Exporter ☆26 · Aug 1, 2025 · Updated 6 months ago
- OCSF (https://schema.ocsf.io/) models in Python using Pydantic. ☆33 · Feb 1, 2026 · Updated last week
- OpenID Shared Signals and Events (SSE) / Continuous Access Evaluation Protocol (CAEP) / Risk Incident Sharing and Coordination (RISC) JSO… ☆14 · Jun 7, 2024 · Updated last year
- A Python micro framework for building Diameter protocol applications. ☆33 · May 20, 2024 · Updated last year
- PFCP client simulator used for UPF testing ☆29 · Feb 5, 2026 · Updated last week
- BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust. ☆59 · Jun 30, 2022 · Updated 3 years ago
- DHCP Fingerprinting ☆31 · Dec 15, 2020 · Updated 5 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise ☆68 · Apr 29, 2024 · Updated last year
- 🐝 Ransomware Detection using Machine Learning with eBPF for Linux. ☆75 · Nov 27, 2024 · Updated last year
- Attestation verification services based on Veraison components ☆40 · Feb 6, 2026 · Updated last week
- Source-code based coverage for eBPF programs actually running in the Linux kernel ☆137 · Feb 6, 2025 · Updated last year
- ☆33 · Jun 12, 2024 · Updated last year
- Discover least permissive security posture, Network Microsegmentation, and Application behaviour based on visibility/observability data e… ☆34 · May 19, 2025 · Updated 8 months ago
- ebpf compiler in Go; Write Go, get ebpf ☆34 · Oct 28, 2024 · Updated last year
- Audit log wall of shame. ☆42 · Aug 20, 2025 · Updated 5 months ago
- OPI5 open micro desk design. ☆13 · Mar 6, 2023 · Updated 2 years ago
- Blocks is a plugin for mdbook which preprocesses "Blocks" based markdown into beautiful Bootstrap components. ☆11 · Jun 15, 2024 · Updated last year
- DevGuard Backend - Secure your Software Supply Chain - Attestation-based compliance as Code, manage your CVEs seamlessly, Integrate your … ☆109 · Updated this week
- Nomic is a game in which changing the rules is a move. Let's play! ☆10 · Jul 11, 2025 · Updated 7 months ago
- Python wrapper for http://nacl.cace-project.eu/ ☆30 · Nov 8, 2021 · Updated 4 years ago
- ☆11 · Dec 6, 2017 · Updated 8 years ago
- A collection of utility scripts and other tools that make working with Crabgrass easier. ☆11 · Apr 3, 2020 · Updated 5 years ago