Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG Application Messages via eBPF Subsystem
☆71 · Apr 10, 2025 · Updated 11 months ago
Alternatives and similar repositories for kflowd
Users that are interested in kflowd are comparing it to the libraries listed below
- OCSF Schema Validation ☆13 · Dec 13, 2024 · Updated last year
- Intent driven security automation framework ☆27 · Aug 12, 2025 · Updated 6 months ago
- SysFlow collection probe ☆17 · Nov 11, 2025 · Updated 3 months ago
- Goby CLI eBPF Project Generator ☆34 · Feb 8, 2025 · Updated last year
- Repository to archive GCP Documentation for local use ☆16 · Feb 11, 2025 · Updated last year
- ☆20 · Jun 14, 2022 · Updated 3 years ago
- Tenzir is the data pipeline engine for security teams. ☆726 · Updated this week
- Miscellaneous materials related to the "attested TLS" proof-of-concept ☆21 · Oct 25, 2023 · Updated 2 years ago
- Experimental prometheus exporter for time series forecasting and anomaly detection ☆18 · Mar 7, 2023 · Updated 3 years ago
- This repo contains example of raw event examples and possible translations to the OCSF schema. ☆56 · Jul 31, 2025 · Updated 7 months ago
- Network Observability eBPF Agent ☆198 · Updated this week
- A tool to render a pie chart of memory usage (bytes_memlock) of BPF maps on the system 🥧 ☆21 · Jun 19, 2024 · Updated last year
- Generate datasets of cloud audit logs for common attacks ☆234 · Updated this week
- 🚀 A lightweight, fast, and comprehensive solution for traffic analysis and intrusion detection. ☆23 · Mar 2, 2026 · Updated last week
- An experimental Velociraptor implementation using cloud infrastructure ☆26 · Dec 2, 2025 · Updated 3 months ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) ☆224 · Sep 4, 2024 · Updated last year
- Open source endpoint agent providing host information to Zeek. [v2] ☆90 · Mar 2, 2026 · Updated last week
- HoneyAgents is a PoC demo of an AI-driven system that combines honeypots with autonomous AI agents to detect and mitigate cyber threats. … ☆59 · Jan 5, 2024 · Updated 2 years ago
- ☆22 · May 1, 2025 · Updated 10 months ago
- ☆23 · Sep 20, 2024 · Updated last year
- A Python micro framework for building Diameter protocol applications. ☆33 · May 20, 2024 · Updated last year
- Ingress node firewall implements Kubernetes operator to provision stateless ingress node level firewall rules, stateless ingress node fir… ☆71 · Feb 13, 2026 · Updated 3 weeks ago
- PFCP client simulator used for UPF testing ☆29 · Updated this week
- BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust. ☆59 · Jun 30, 2022 · Updated 3 years ago
- OCSF (https://schema.ocsf.io/) models in Python using Pydantic. ☆35 · Updated this week
- DHCP Fingerprinting ☆31 · Dec 15, 2020 · Updated 5 years ago
- Attestation verification services based on Veraison components ☆42 · Updated this week
- Go package to extract client and server hello messages from network packets ☆30 · Nov 30, 2025 · Updated 3 months ago
- This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar… ☆41 · Apr 7, 2025 · Updated 11 months ago
- Source-code based coverage for eBPF programs actually running in the Linux kernel ☆137 · Feb 6, 2025 · Updated last year
- Open Authorization API (OAA) development libraries, connectors and resources. ☆17 · Jan 9, 2025 · Updated last year
- Windows Security Logging ☆43 · Jul 17, 2022 · Updated 3 years ago
- Mobile Core-Network routing software ☆43 · Feb 26, 2026 · Updated last week
- ☆33 · Jun 12, 2024 · Updated last year
- Discover least permissive security posture, Network Microsegmentation, and Application behaviour based on visibility/observability data e… ☆34 · May 19, 2025 · Updated 9 months ago
- Example BPF program with LSM hooks ☆36 · Feb 24, 2021 · Updated 5 years ago
- A standard for reducing log volume without sacrificing analytical capability ☆214 · Feb 21, 2025 · Updated last year
- Zeek scripts that provide an alternative log file logging TLS/SSL traffic ☆12 · May 4, 2021 · Updated 4 years ago
- DEPRECATED, use https://github.com/mozilla/mod_authnz_persona instead. An Apache module that implements BrowserID authentication ☆19 · Dec 12, 2013 · Updated 12 years ago