Alternatives and similar repositories for cbsensor-linux-kmod

Users that are interested in cbsensor-linux-kmod are comparing it to the libraries listed below

• vmware-archive / cbsensor-linux-bpf
  Linux endpoint events for BPF enabled systems
  ☆24Updated 2 years ago
• vmware / kernel-event-collector-module
  This is the Linux kernel module event collector for the Carbon Black Cloud.
  ☆18Updated last year
• Northern-Lights / yara-parser
  Tools for parsing rulesets using the exact grammar as YARA. Written in Go.
  ☆83Updated 2 years ago
• stvemillertime / ConventionEngine
  ConventionEngine - A Yara Rulepack for PDB Path Hunting
  ☆38Updated 2 years ago
• Gui774ume / krie
  Linux Kernel Runtime Integrity with eBPF
  ☆175Updated last year
• Velocidex / oleparse
  Golang parser for OLE files
  ☆31Updated 2 months ago
• elastic / siglearn
  Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"
  ☆17Updated 3 months ago
• angelkillah / zer0m0n
  zer0m0n driver for cuckoo sandbox
  ☆87Updated 8 years ago
• goretk / pygore
  pyGoRE - Python library for analyzing Go binaries
  ☆64Updated 3 years ago
• airbus-cert / etl-parser
  Event Trace Log file parser in pure Python
  ☆140Updated 4 years ago
• trailofbits / ebpfpub
  ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.
  ☆116Updated 2 years ago
• nao-sec / tknk_scanner
  Community-based integrated malware identification system
  ☆82Updated 2 years ago
• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆83Updated 2 years ago
• mole-ids / mole
  Yara powered NIDS with high speed packet capture powered by PF_RING
  ☆69Updated last year
• pathtofile / bpf-hookdetect
  Dectect syscall hooking using eBPF
  ☆153Updated 2 years ago
• fxb-cocacoding / ssl_decrypt
  A short proof-of-concept how to decrypt ssl traffic WITHOUT the server private TLS certificate
  ☆15Updated 6 years ago
• immortalp0ny / yarg
  Yet another rule generator for Yara
  ☆28Updated 4 years ago
• ForensicITGuy / libpreloadvaccine
  Whitelisting LD_PRELOAD libraries using LD_AUDIT
  ☆63Updated 3 years ago
• trendmicro / telfhash
  Symbol hash for ELF files
  ☆110Updated 3 years ago
• 0xrawsec / gene-rules
  ☆40Updated 2 years ago
• libyal / libevt
  Library and tools to access the Windows Event Log (EVT) format
  ☆59Updated 10 months ago
• conix-security / machoke
  ☆51Updated 6 years ago
• Cisco-Talos / CASC
  ☆42Updated 6 years ago
• zom3y3 / ssdc
  ssdeep cluster analysis for malware files
  ☆30Updated 4 years ago
• hillu / yara-rules-re
  Tools for inspecting YARA bytecode
  ☆17Updated 4 years ago
• mbrengel / yarix
  ☆58Updated 4 years ago
• satta / gommunityid
  Go implementation of the Community ID flow hashing standard
  ☆20Updated last month
• elfmaster / kprobe_rootkit
  Linux kernel rootkit using kprobes (From http://phrack.org/issues/67/6.html)
  ☆39Updated 10 years ago
• buffer / libemu
  x86 emulation and shellcode detection
  ☆151Updated last year
• airbus-cert / PSTrace
  Trace ScriptBlock execution for powershell v2
  ☆40Updated 5 years ago