SECOND DAY Conference restarted with Kunai Project (@[email protected]) 🥰

Today is the third day of Pass the SALT Conference. I'm learning about Kunai Project (@[email protected]): cfp.pass-the-salt.org/pts2024/talk/T… It's a #sysmon alternative for #Linux targeted at #infosec, however I plant to use it to debug syslog-ng :-)

Many thanks 🙏 to Xavier Mertens @[email protected] 🇧🇪 for writing a blog post about Kunai. Check it out at isc.sans.edu/diary/Kunai+Ke…

Hey ! It seems there is a new Kunai release, featuring one of the functionality which has been asked to me two weeks ago at Pass the SALT Conference: aka log rotation. Check it out at: github.com/kunai-project/… cc:David Szili 🆗 Xavier Mertens @[email protected] 🇧🇪

👏👏👏 to Quentin, the Kunai Project (@[email protected]) leader, for this blazing fast implementation of the feature request asked during the #kunai talk at our 2024 edition! This is exactly the purpose of our conference: giving opportunity to FLOSS developers to interact with users and security

Learning from the Recent Windows/Falcon Sensor Outage - Causes and Potential Improvement Strategies in Linux with Open Source circl.lu/pub/learning-f… #infosec #crowdstrike #opensource #edr

🎉 New Kunai release with small enhancements concerning detection/filtering rules and aarch64 compatibility. This is the latest release for v0.2 as I'll start working on v0.3 to bring new events and new features. Check it out: github.com/kunai-project/…

🔧 I initiated the work on next version. I am already planning to add one security event generated when a task tries to kill another. If you'd like other events, reply to this post with your ideas. #linux #threathunting #threatdetection

📷 A public preview of new features landing soon in the Kunai Project: - Define actions triggered by detections - Scan files with YARA as an action 💣 You can even detect #malware in #linux containers (see example) Follow progress: github.com/kunai-project/…

🔔 For those wondering how to gain visibility on their #Linux system for #ThreatDetection and #ThreatHunting: Check out the Kunai Project! It's completely free and supports IoC-based detection, Yara rules, custom detection rules, and more. New release: github.com/kunai-project/…

Zeek/Suricata IDS Community-id + Kunai Runtime Security = 💕

Enhancing Detection Engineering with Automated Malware Sandboxing with Kunai Project (@[email protected]) #detectionengineering #infosec #edr #sandbox #opensource #threathunting 📘 Blog post - why.kunai.rocks/blog/2024/10/0… 🔎 Git repository - github.com/kunai-project/… 🔗 Dataset - helga.circl.lu/NGSOTI/malware-

Linux sandboxing infrastructure based on QEMU for virtualization and Kunai for sample monitoring - so cool! 🔥👏👏✌️

🎉 We're thrilled to announce Kunai v0.3.0-beta.1! 🔍 New features: 💡 Event monitoring for files written then closed 🌐 Corelight community-ID integration 🛠️ New CLI options for logs & service installation Check it out: github.com/kunai-project/… #dfir #soc #threathunting

🚀 New Stable Release! 🚀 Now with log rotation, an overhauled CLI, new kill event, and hardened mode with LSM for enhanced security. YARA-X integration brings advanced threat detection, and Community-ID supports easy network data correlation. github.com/kunai-project/…

🚀 New Kunai Release! 🎉 Fixes zombie process tracking 🧟‍♂️, better configs, and new features: - Composite Rules for modular logic - File Create Event Tracking - ... Docs: why.kunai.rocks Details: github.com/kunai-project/… #Linux #OpenSource #SOC #DFIR #ThreatHunting

🎉 The Kunai Project will join Hackathon.lu 2025 on April 8-9! Let’s work together toward a common goal. 📅 Details: hackathon.lu 🔎 Explore Kunai: github.com/kunai-project/… #OpenSource #ThreatHunting #Linux

"Kunai Project (@[email protected]): threat-hunting tool for #Linux leveraging #eBPF with #kernel-level probes that capture critical events" Bill Mulligan 🐝🐝🐝 github.com/kunai-project/…

Kunai v0.5.0 is here! 🔥 New start/error/event_loss events + file system event limiting & bug fixes. Enhanced observability. Check it out: github.com/kunai-project/… #dfir #soc #ebpf #opensource #Linux

🚀 Kunai pushes further MISP (@[email protected]) integration! New tool kunai-to-misp (github.com/kunai-project/…) lets you push Kunai logs to MISP (misp-project.org) for better threat intel sharing. #ThreatIntel #Linux #SOC #OpenSource #ThreatHunting