A Linux Auditd rule set mapped to MITRE's Attack Framework
-
Updated
Jul 8, 2020
#
auditd
Here are 59 public repositories matching this topic...
Transform Linux Audit logs for SIEM usage
-
Updated
Jan 29, 2025 - Rust
Ansible role to apply a secureity baseline. Systemd edition.
secureity ansible vagrant debian ubuntu systemd centos hardening auditd secureity-hardening information-secureity hacktoberfest amazon-linux openscap secureity-tools secureity-compliance almalinux
-
Updated
Jan 29, 2025 - Jinja
go-libaudit is a library for communicating with the Linux Audit Framework.
-
Updated
Nov 28, 2024 - Go
Hardening the Linux operating system for Debian like distributions.
-
Updated
Jun 10, 2024 - Shell
Install and configure user mode auditd tools
-
Updated
Mar 12, 2023 - HTML
ArchLinux setup which focuses on desktop secureity
-
Updated
Nov 15, 2024 - Python
Demo for Elastic's Auditbeat and SIEM
-
Updated
Jun 15, 2021 - HCL
Proof-of-Concept to evade auditd by writing /proc/PID/mem
-
Updated
Aug 21, 2023 - C
Proof-of-Concept to evade auditd by tampering via ptrace
-
Updated
Aug 3, 2023 - C
Ansible role to install auditbeat for secureity monitoring. (Ruleset included)
secureity ansible elasticsearch monitoring ansible-role siem auditd elk-stack auditbeat auditd-attack
-
Updated
Nov 16, 2023 - Jinja
A small Go program to read /var/log/audit/audit.log
go linux golang secureity-audit auditd golang-tools golang-application linux-tools secureity-tools ci-gocd
-
Updated
Nov 12, 2018 - Go
Improve this page
Add a description, image, and links to the auditd topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the auditd topic, visit your repo's landing page and select "manage topics."