☠️ rupurt — Advanced Linux rootkit hunter | 250+ signatures, eBPF kernel analysis, memory forensics, APT detection | NullSec
-
Updated
Apr 16, 2026 - C
#
apt-detection
Here are 9 public repositories matching this topic...
Lightweight Endpoint Detection & Response (EDR) Framework
-
Updated
Sep 16, 2019
A lightweight **Linux endpoint** detection agent written in **Go**. It runs as a CLI or **systemd** service, scans the host on an interval (and optionally watches `authorized_keys` via **fsnotify**), and emits **one JSON object per line** on stdout for SIEM pipelines.
-
Updated
Jun 3, 2026 - Go
Host Intrusion Detection & Active Signaling System (HIDASS) for Linux kernel 5.15+. Implements a Stackelberg defender-leader game-theoretic model to expose interactive APTs via eBPF-driven TTY timing analysis (Welford/Shannon entropy) and adaptive zero-copy RingBuffer jitter injection. Built in Rust (no_std probe, Tokio user-space daemon).
rust zero-copy linux-kernel cybersecurity intrusion-detection game-theory aya threat-hunting ebpf system-monitoring anomaly-detection shannon-entropy apt-detection advanced-persistent-threat kernel-security
-
Updated
Jun 8, 2026 - Rust
The WPF-based graphical user interface for interacting with MAGIC - Detecting Advanced Persistent Threats via Masked Graph Representation Learning
machine-learning csharp dotnet gui-application self-supervised-learning apt-detection advanced-persistent-threat
-
Updated
Jun 13, 2025 - C#
Codes and data for USENIX Security 24 paper "MAGIC: Detecting Advanced Persistent Threats via Masked Graph Representation Learning"
-
Updated
Aug 12, 2025 - Python
AI-powered intrusion detection and APT attack prediction system using FastAPI, XGBoost and explainable AI.
python security machine-learning ai backend postgresql cybersecurity xgboost intrusion-detection network-security anomaly-detection explainable-ai shap fastapi apt-detection
-
Updated
May 21, 2026 - Python
Autonomous multi-agent DFIR orchestrator — Splunk alerts trigger AI triage, findings pushed back to Splunk. 100% precision, 0 hallucinations. Claude + SIFT + Go MCP Server.
golang security splunk mcp incident-response forensics dfir cybersecurity volatility memory-forensics blue-team splunk-hec apt-detection sift-workstation claude-ai agentic-ai rootkit-detection
-
Updated
Jun 9, 2026 - Go
Windows 기반 APT 공격 실시간 탐지 및 대응 자동화 시스템
incident-response sysmon digital-forensics anomaly-detection mitre-attack windows-security apt-detection streamlit-dashboard pycaret
-
Updated
Aug 25, 2025 - Python
Improve this page
Add a description, image, and links to the apt-detection topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the apt-detection topic, visit your repo's landing page and select "manage topics."