Elastic Security
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
Procmon for Linux (Procmon) is a Linux reimagining of the classic Procmon tool from the Sysinternals suite of tools for Windows, providing a convenient and efficient way for Linux developers to trace the syscall activity on the system. Installation & Usage Requirements: OS - Ubuntu 18.04 LTS, cmake >= 3.14 (build-time only), libsqlite3-dev >= 3.22 (build-time only). To install Procmon, follow the distribution-specific steps provided in the install instructions. Building Procmon from source requires installing build dependencies and running specific commands. Procmon Packages can be built using cpack, and usage involves various options like monitoring process IDs and system calls.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
Cybersecurity project for security monitoring of Node.js applications.
A collection of free shareable log samples from various systems with evidence of compromise and malicious activity, maintained by Dr. Anton Chuvakin.
A toolset for collecting and processing netflow/ipfix and sflow data from netflow/sflow compatible devices.
ELAT (Event Log Analysis Tool) is a tool that helps in analyzing Windows event logs for malware detection.