Real-time HTTP Intrusion Detection

[archived] 一款实验性质的主机入侵检测系统

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.

A utility to safely generate malicious network traffic patterns and evaluate controls.

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.

A lightweight tool to score network traffic and flag anomalies

fast, extensible, versatile event router for Suricata's EVE-JSON format

🔐 teler Proxy enabling seamless integration with teler WAF 🛡️ to protect locally running web service against a web-based attacks. 🥷

Real-time eBPF-powered network security monitor with AI-driven threat detection. Surfaces port scans, DDoS attacks, botnet activity, and anomalies at 100Gbps+ speeds with sub-microsecond latency (~150 million packets/sec).

802.11 IDS, visualizer, and analytics platform for the web

🚀 A lightweight, fast, and comprehensive solution for traffic analysis and intrusion detection.

A distributed honeypot for monitoring large scale web attacks

automatic enumeration and maintenance of Suricata monitoring interfaces

CoreDNS plugin exposing Prometheus metrics for malicious or prohibited requests

proof of concept intrusion mitigation tool written in go for windows. (Sysmon eventlogs and Sigma .yml signature rules)

Super fast Go server for intrusion detection and prevention on Apache logs

Distributed Multi-Agent Platform with Zero-Trust Security

Managed app for the host-based intrusion detection agent Falco.