Alternatives and similar repositories for cbsensor-linux-kmod:

Users that are interested in cbsensor-linux-kmod are comparing it to the libraries listed below

• vmware-archive / cbsensor-linux-bpf
  Linux endpoint events for BPF enabled systems
  ☆24Updated 2 years ago
• Northern-Lights / yara-parser
  Tools for parsing rulesets using the exact grammar as YARA. Written in Go.
  ☆83Updated 2 years ago
• mole-ids / mole
  Yara powered NIDS with high speed packet capture powered by PF_RING
  ☆69Updated 11 months ago
• mbrengel / yarix
  ☆58Updated 4 years ago
• plyara / plyara
  Parse YARA rules and operate over them more easily.
  ☆187Updated 2 months ago
• elastic / siglearn
  Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"
  ☆17Updated 2 months ago
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆123Updated 4 years ago
• avast / yari
  YARI is an interactive debugger for YARA Language.
  ☆88Updated 3 months ago
• EmergingThreats / threatresearch
  Proofpoint - Emerging Threats - Threat Research tools + publicly shared intel and documentation
  ☆72Updated 4 months ago
• arieljt / VTCodeSimilarity-YaraGen
  ☆98Updated 4 years ago
• nao-sec / tknk_scanner
  Community-based integrated malware identification system
  ☆82Updated 2 years ago
• spyre-project / spyre
  simple YARA-based IOC scanner
  ☆168Updated 2 months ago
• 0xrawsec / gene-rules
  ☆40Updated 2 years ago
• certtools / malware_name_mapping
  A mapping of used malware names to commonly known family names
  ☆62Updated 2 years ago
• zom3y3 / ssdc
  ssdeep cluster analysis for malware files
  ☆30Updated 4 years ago
• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆83Updated 2 years ago
• nccgroup / Royal_APT
  Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research
  ☆53Updated 7 years ago
• avast / yarang
  Alternative YARA scanning engine
  ☆70Updated 2 years ago
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆30Updated last month
• telsy-cyberops / research
  Telsy CTI Research Team
  ☆57Updated 4 years ago
• botherder / go-autoruns
  Collect autorun records from running system
  ☆61Updated 3 years ago
• avast / yls
  YARA Language Server
  ☆71Updated 2 weeks ago
• CERT-Polska / ursadb
  Trigram database written in C++, suited for malware indexing
  ☆125Updated 6 months ago
• williballenthin / python-dotnet-binaryformat
  Pure Python parser for data encoded by .NET's BinaryFormatter
  ☆50Updated 6 years ago
• fullylegit / ja3
  A wireshark/tshark plugin for the JA3 TLS Client Fingerprinting Algorithm
  ☆58Updated last year
• trailofbits / ebpfpub
  ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.
  ☆116Updated 2 years ago
• stvemillertime / ConventionEngine
  ConventionEngine - A Yara Rulepack for PDB Path Hunting
  ☆38Updated 2 years ago
• pathtofile / bpf-hookdetect
  Dectect syscall hooking using eBPF
  ☆151Updated last year
• Velocidex / oleparse
  Golang parser for OLE files
  ☆31Updated last month
• adava / CnCHunter
  This project fully automates the process of analyzing and exploiting IoT malware to find live CnC servers.
  ☆41Updated 9 months ago