Category: Defense

SSH3

SSH3: faster and rich secure shell using HTTP/3

SSH3: faster and rich secure shell using HTTP/3 SSH3 is a complete revisit of the SSH protocol, mapping its semantics on top of the HTTP mechanisms. In a nutshell, SSH3 uses QUIC+TLS1.3 for secure channel establishment...

Linux Threat Hunting

kunai: Threat hunting tool for Linux

kunai The goal behind this project is to bring relevant events to achieve various monitoring tasks ranging from security monitoring to Threat Hunting on Linux-based systems. If you are familiar with Sysmon on Windows,...

blue team tool

FalconHound v1.2 releases: blue team multi-tool

FalconHound FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with an SIEM...

Rootkit Detection

ved-ebpf: Kernel Exploit and Rootkit Detection using eBPF

VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF VED (Vault Exploit Defense)-eBPF leverages eBPF (extended Berkeley Packet Filter) to implement runtime kernel security monitoring and exploit detection for Linux systems. Introduction eBPF is an...