Alternatives and similar repositories for cbsensor-linux-kmod

Users that are interested in cbsensor-linux-kmod are comparing it to the libraries listed below

• vmware-archive / cbsensor-linux-bpf
  Linux endpoint events for BPF enabled systems
  ☆24Updated 2 years ago
• plyara / plyara
  Parse YARA rules and operate over them more easily.
  ☆191Updated 5 months ago
• Northern-Lights / yara-parser
  Tools for parsing rulesets using the exact grammar as YARA. Written in Go.
  ☆85Updated 2 years ago
• microsoft / SysinternalsEBPF
  The Linux port of the Sysinternals Sysmon tool.
  ☆269Updated 2 weeks ago
• OISF / suricata-verify
  Suricata Verification Tests - Testing Suricata Output
  ☆111Updated this week
• airbus-cert / etl-parser
  Event Trace Log file parser in pure Python
  ☆143Updated 4 years ago
• marcosd4h / sysmonx
  SysmonX - An Augmented Drop-In Replacement of Sysmon
  ☆215Updated 5 years ago
• spyre-project / spyre
  simple YARA-based IOC scanner
  ☆169Updated last week
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆108Updated last month
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆123Updated 4 years ago
• arieljt / VTCodeSimilarity-YaraGen
  ☆98Updated 4 years ago
• 0xrawsec / golang-evtx
  ☆165Updated 2 years ago
• google / vxsig
  Automatically generate AV byte signatures from sets of similar binaries.
  ☆275Updated 7 months ago
• libyal / libevtx
  Library and tools to access the Windows XML Event Log (EVTX) format
  ☆211Updated 9 months ago
• trailofbits / ebpfpub
  ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.
  ☆116Updated 2 years ago
• mole-ids / mole
  Yara powered NIDS with high speed packet capture powered by PF_RING
  ☆69Updated last year
• johnjohnsp1 / capsule8
  Capsule8: open-source cloud-native behavioral security monitoring
  ☆33Updated 7 years ago
• ForensicITGuy / libpreloadvaccine
  Whitelisting LD_PRELOAD libraries using LD_AUDIT
  ☆63Updated 3 years ago
• ctxis / RDP-Replay
  Replay RDP traffic from PCAP
  ☆194Updated 6 years ago
• 0xrawsec / gene
  Signature engine for all your logs
  ☆169Updated last year
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆104Updated 3 years ago
• buffer / libemu
  x86 emulation and shellcode detection
  ☆152Updated last year
• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆83Updated 2 years ago
• volatilityfoundation / dwarf2json
  convert ELF/DWARF symbol and type information into vol3's intermediate JSON
  ☆125Updated 9 months ago
• trendmicro / telfhash
  Symbol hash for ELF files
  ☆111Updated 3 years ago
• mbrengel / yarix
  ☆59Updated 4 years ago
• ITAYC0HEN / APT-Ecosystem
  This repository contains the website and the tools which are part of the joint research between Check Point Research and Intezer to map t…
  ☆110Updated 5 years ago
• Cisco-Talos / file2pcap
  ☆172Updated 4 years ago
• plashchynski / viewssld
  viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detecti…
  ☆74Updated 7 years ago
• realparisi / WMI_Monitor
  Log newly created WMI consumers and processes to the Windows Application event log
  ☆124Updated 7 years ago