vmware-archive / cbsensor-linux-kmodLinks
Linux Kernel module for Carbon Black EDR
☆12Updated 4 years ago
Alternatives and similar repositories for cbsensor-linux-kmod
Users that are interested in cbsensor-linux-kmod are comparing it to the libraries listed below
Sorting:
- Linux endpoint events for BPF enabled systems☆24Updated 2 years ago
- Parse YARA rules and operate over them more easily.☆191Updated 6 months ago
- Red Canary's eBPF Sensor☆109Updated 2 months ago
- Linux Kernel Runtime Integrity with eBPF☆182Updated last year
- The Linux port of the Sysinternals Sysmon tool.☆275Updated 2 months ago
- Automatically generate AV byte signatures from sets of similar binaries.☆279Updated 8 months ago
- Tools for parsing rulesets using the exact grammar as YARA. Written in Go.☆85Updated 2 years ago
- x86 emulation and shellcode detection☆152Updated last year
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆117Updated 2 years ago
- Symbol hash for ELF files☆112Updated 3 years ago
- SysmonX - An Augmented Drop-In Replacement of Sysmon☆215Updated 5 years ago
- Yara powered NIDS with high speed packet capture powered by PF_RING☆69Updated last year
- Trigram database written in C++, suited for malware indexing☆126Updated 10 months ago
- ☆44Updated 7 years ago
- Suricata Verification Tests - Testing Suricata Output☆115Updated this week
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆136Updated 2 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- gyp: A pure Go YARA parser☆106Updated last year
- ☆97Updated 4 years ago
- Automated Yara Rule generation using Biclustering☆70Updated 4 years ago
- Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.☆164Updated 2 years ago
- BASS - BASS Automated Signature Synthesizer☆177Updated 6 years ago
- ETW Python Library☆288Updated 2 years ago
- Security ML models encoded as Yara rules☆213Updated 2 years ago
- ☆60Updated 4 years ago
- eBPF - extended Berkeley Packet Filter tooling☆124Updated 3 years ago
- simple YARA-based IOC scanner☆169Updated 2 weeks ago
- Parsing of YARA rules into AST and building new rulesets in C++.☆126Updated last week
- osquery extensions by Trail of Bits☆264Updated 2 years ago
- SAFE embeddings to match functions in yara☆100Updated 5 years ago