Horus is a cutting-edge open-source tool designed for performing forensic and administrative tasks at the kernel level. Leveraging eBPF, a low-overhead in-kernel virtual machine, and the Rust programming language, Horus empowers you to enhance the security and control of your systems.
In today's digital landscape, ensuring the security and integrity of your systems is paramount. Horus stands as a powerful solution, granting you the ability to monitor, analyze, and safeguard your system's behavior by operating at the deepest levels of the kernel.
Horus provides a wide array of features, including:
-
Granular Control: Block potentially dangerous actions such as tracing programs or executing fileless attacks, some are stupid like running
rm -rf. when you are in your home directory (true story) -
Kernel-Level Firewall: Think of Horus as a firewall for your kernel. It actively protects your system against unauthorized or harmful actions, offering a robust defense mechanism.
To begin using Horus, follow these simple steps:
-
kwall: Use the
kwallcommand to start the Horus serverless or full mode.kwall run serverless / full
-
kcontroller: Launch the Horus controller with the following command:
kcontroller run
-
ELK Stack: If needed, you can run the ELK (Elasticsearch, Logstash, Kibana) stack using Docker Compose:
docker-compose up
Horus represents the pinnacle of kernel-level security and administration. By harnessing eBPF and Rust, it empowers you to protect your systems from both malicious attacks and inadvertent mishaps. Welcome to a new era of system security with Horus.