libs
libsinsp, libscap, the kernel module driver, and the eBPF driver sources (by falcosecurity)
event-generator
Generate a variety of suspect actions that are detected by Falco rulesets (by falcosecurity)
libs | event-generator | |
---|---|---|
1 | 1 | |
203 | 79 | |
1.5% | - | |
9.9 | 9.3 | |
about 8 hours ago | 3 days ago | |
C | Go | |
Apache License 2.0 | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
libs
Posts with mentions or reviews of libs.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-05-11.
-
Getting started developing Falco
falcosecurity/libs, containing both the kernel module and the eBPF probe, and also libscap and libsinsp.
event-generator
Posts with mentions or reviews of event-generator.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-05-11.
-
Getting started developing Falco
Now that you built Falco, you may wonder if everything works as expected. A quick and dirty way of testing Falco is using the event-generator. This is yet another project from the Falcosecurity organization, and it can be used to generate some suspicious actions on the system, therefore, triggering some Falco rules. All you need to do is to start two terminals. You will launch Falco from one of them and leave it running. From the second terminal, launch the event generator using the following command:
What are some alternatives?
When comparing libs and event-generator you can also consider the following projects:
TripleCross - A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
gotestwaf - An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
ecapture - Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
Visual Studio Code - Visual Studio Code
Vagrant - Vagrant is a tool for building and distributing development environments.
community - The Falco Project Community
falco - Cloud Native Runtime Security
Caddy - Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS