Alternatives and similar repositories for cbsensor-linux-kmod

Users that are interested in cbsensor-linux-kmod are comparing it to the libraries listed below

• vmware-archive / cbsensor-linux-bpf
  Linux endpoint events for BPF enabled systems
  ☆24Updated 2 years ago
• Northern-Lights / yara-parser
  Tools for parsing rulesets using the exact grammar as YARA. Written in Go.
  ☆85Updated 2 years ago
• trailofbits / ebpfpub
  ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.
  ☆116Updated 2 years ago
• therealdreg / lsrootkit
  Rootkit Detector for UNIX
  ☆61Updated last year
• vmware / kernel-event-collector-module
  This is the Linux kernel module event collector for the Carbon Black Cloud.
  ☆18Updated last year
• conix-security / machoke
  ☆52Updated 6 years ago
• denisugarte / PowerDrive
  A tool for de-obfuscating PowerShell scripts
  ☆68Updated 6 years ago
• ForensicITGuy / libpreloadvaccine
  Whitelisting LD_PRELOAD libraries using LD_AUDIT
  ☆63Updated 3 years ago
• angelkillah / zer0m0n
  zer0m0n driver for cuckoo sandbox
  ☆87Updated 8 years ago
• google / vxsig
  Automatically generate AV byte signatures from sets of similar binaries.
  ☆273Updated 6 months ago
• Gui774ume / ebpfkit-monitor
  ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
  ☆132Updated 2 years ago
• nao-sec / tknk_scanner
  Community-based integrated malware identification system
  ☆82Updated 2 years ago
• tianweiz07 / Cloud_Integrity
  Using LibVMI to detect malware
  ☆31Updated 3 years ago
• CERT-Polska / ursadb
  Trigram database written in C++, suited for malware indexing
  ☆125Updated 8 months ago
• phdphuc / mac-a-mal-cuckoo
  The current repository contains all the scripts needed to complement kernel-mode mac-a-mal malicious activity hooking on macOS to Cuckoo …
  ☆50Updated 7 years ago
• plyara / plyara
  Parse YARA rules and operate over them more easily.
  ☆191Updated 4 months ago
• airbus-cert / PSTrace
  Trace ScriptBlock execution for powershell v2
  ☆40Updated 5 years ago
• pathtofile / bpf-pipesnoop
  Example program using eBPF to log data being based in using shell pipes
  ☆41Updated 4 years ago
• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆83Updated 2 years ago
• pathtofile / commandline_cloaking
  A collection of projects demonstrating various commandline cloaking techniques on Linux
  ☆58Updated 2 years ago
• williballenthin / python-dotnet-binaryformat
  Pure Python parser for data encoded by .NET's BinaryFormatter
  ☆50Updated 6 years ago
• 0xrawsec / gene
  Signature engine for all your logs
  ☆170Updated last year
• elfmaster / kprobe_rootkit
  Linux kernel rootkit using kprobes (From http://phrack.org/issues/67/6.html)
  ☆38Updated 10 years ago
• ivision-research / gostringsr2
  Find strings in Go binaries
  ☆53Updated 5 years ago
• hillu / yara-rules-re
  Tools for inspecting YARA bytecode
  ☆17Updated 4 years ago
• 0xAnalyst / Sysmon
  Sysmon config for both Windows and Linux Devices. Windows one is a bit dated
  ☆57Updated 11 months ago
• stvemillertime / ConventionEngine
  ConventionEngine - A Yara Rulepack for PDB Path Hunting
  ☆38Updated 2 years ago
• nccgroup / Royal_APT
  Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research
  ☆53Updated 7 years ago
• mbrengel / yarix
  ☆59Updated 4 years ago
• trendmicro / telfhash
  Symbol hash for ELF files
  ☆111Updated 3 years ago