Search Results for "silont-kernel-onclite"

...Osquery exposes an operating system as a high-performance relational database. This allows you to write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.Osquery queries your devices like a database. Osquery uses basic SQL commands to leverage a relational data-model to describe a device. Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process.

...It can collect logs from files in various formats, receive logs from the network remotely over UDP, TCP or TLS/SSL . It supports platform specific sources such as the Windows Eventlog, Linux kernel logs, Android logs, local syslog etc. Writing and reading logs to/from databases is also supported. The collected logs can be stored into files, databases or forwarded to a remote log server using various protocols. The old BSD Syslog and the newer IETF syslog standard is fully supported by NXLog in addition to Snare, XML, JSON, GELF, KVP, CSV and custom formats. ...

Uberviewer is a java/swt log processor for Uberlogger (a kernel-based observatory). It allows real-time analysis of a remote OS, including process and I/O monitoring. This tool is intended to be helpful for security researchers and malware analysts.

USRBAC is a kernel patch and userspace daemon that allows role based access control to be mitegated in userspace. The goal is to allow a secure way to impliment RBAC compliant security systems using a daemon in userspace

Project is a library of windows kernel mode drivers. These drivers intercept requests to file system drivers (FSD), filter and logging actions.