vmware-archive / cbsensor-linux-kmod
Linux Kernel module for Carbon Black EDR
☆12Updated 4 years ago
Alternatives and similar repositories for cbsensor-linux-kmod:
Users that are interested in cbsensor-linux-kmod are comparing it to the libraries listed below
- Linux endpoint events for BPF enabled systems☆24Updated 2 years ago
- Tools for parsing rulesets using the exact grammar as YARA. Written in Go.☆83Updated 2 years ago
- Red Canary's eBPF Sensor☆101Updated 7 months ago
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆117Updated last year
- Trace ScriptBlock execution for powershell v2☆40Updated 5 years ago
- Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality☆83Updated 2 years ago
- Static based decoders for malware samples☆92Updated 4 years ago
- Alternative YARA scanning engine☆67Updated 2 years ago
- Yara powered NIDS with high speed packet capture powered by PF_RING☆68Updated 9 months ago
- Tracking APT IOCs☆25Updated 4 years ago
- YARI is an interactive debugger for YARA Language.☆88Updated last month
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆127Updated last year
- Suricata Verification Tests - Testing Suricata Output☆104Updated this week
- simple YARA-based IOC scanner☆166Updated last week
- Golang parser for OLE files☆31Updated 8 months ago
- Ixia ATI team open source or generally public material. Anything added here MUST be approved by Ixia Management.☆65Updated 5 years ago
- zer0m0n driver for cuckoo sandbox☆87Updated 8 years ago
- Wireshark plugin to display Suricata analysis info☆93Updated 3 years ago
- Signature engine for all your logs☆167Updated last year
- Parse YARA rules and operate over them more easily.☆181Updated 2 weeks ago
- eBPF-based EDR for Linux☆16Updated 5 months ago
- Tools for inspecting YARA bytecode