tarsal-oss / kflowd
Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG Application Messages via eBPF Subsystem
☆44 Updated this week
Related projects
Alternatives and complementary repositories for kflowd
- ☆83 Updated 4 months ago
- Ransomware Detection using Machine Learning with eBPF for Linux. ☆53 Updated 4 months ago
- Kubernetes offensive framework built in eBPF ☆35 Updated last year
- Use eBPF to inject chaos into local processes ☆60 Updated last month
- Red Canary's eBPF Sensor ☆101 Updated 4 months ago
- ☆60 Updated last year
- monitor and protect SSH sessions with eBPF ☆65 Updated 3 years ago
- Process behaviour anomaly detection using eBPF and unsupervised-learning Autoencoders ☆127 Updated 2 years ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification. ☆70 Updated last year
- Inspect SSL/TLS traffic using eBPF ☆16 Updated 3 weeks ago
- Elastic's eBPF ☆64 Updated this week
- Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti… ☆54 Updated 6 months ago
- A repository to store Rad Fingerprinting data. ☆23 Updated 3 months ago
- A toy containers aware firewall built in Rust ☆21 Updated last year
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes ☆64 Updated 4 months ago
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities ☆101 Updated 3 weeks ago
- Intent driven security automation framework ☆25 Updated this week
- An EBPF based IPv4/IPv6 firewall with integrations for OpenZiti Zero-Trust Framework edge-routers and tunnellers ☆42 Updated last week
- Open Source runtime tool which helps to detect malware code execution and run time mis-configuration change on a kubernetes cluster ☆35 Updated 2 years ago
- A file system events notifier based on eBPF ☆57 Updated last year
- Trace syscalls from user-space functions, by using eBPF ☆89 Updated last month
- bpflock - eBPF driven security for locking and auditing Linux machines ☆136 Updated 2 years ago
- A tool to render a pie chart of memory usage (bytes_memlock) of BPF maps on the system ☆18 Updated 4 months ago
- Red team tool that emulates the SolarWinds CI compromise attack vector. ☆22 Updated 7 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters. ☆55 Updated 7 months ago
- VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF ☆149 Updated 2 months ago
- Kubernetes audit logging, when you don't control the control plane ☆65 Updated this week
- Ingress node firewall implements Kubernetes operator to provision stateless ingress node level firewall rules, stateless ingress node fir… ☆48 Updated this week
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols. ☆21 Updated 2 months ago
- Kit for building Falco drivers: kernel modules or eBPF probes ☆64 Updated last week