Intrusion Detection
Showing 23 of 23 projects
A comprehensive, evolving guide to hardening a Linux server with practical steps and security best practices.
A SQL-powered framework for instrumenting, monitoring, and analyzing operating systems across Linux, macOS, and Windows.
A SQL-powered framework for instrumenting, monitoring, and analyzing operating systems across Linux, macOS, and Windows.
A daemon that scans log files and bans IP addresses with too many failed authentication attempts using firewall rules.
An open-source unified XDR and SIEM platform for threat prevention, detection, and response across endpoints and cloud workloads.
An open-source, participative security engine that detects and blocks malicious IPs using crowdsourced threat intelligence.
A curated list of awesome honeypot resources, tools, and related components for cybersecurity research and defense.
An SSH tarpit that slowly sends an endless banner to trap and waste attackers' time.
A malicious traffic detection system that monitors network traffic for blacklisted threats and suspicious activities using public feeds and heuristics.
A lightweight network IP scanner with a web GUI that monitors hosts, sends notifications, and exports data to Grafana.
An open-source platform for collecting, storing, sharing, and acting upon cybersecurity threat intelligence and indicators.
Open Source Host-based Intrusion Detection System performing log analysis, file integrity checking, rootkit detection, and active response.
A curated list of open-source and research tools for capturing, analyzing, and processing network packet captures (PCAP files).
A Linux distribution for threat hunting, enterprise security monitoring, and log management.
Open source Runtime Application Self-Protection (RASP) solution that integrates security directly into application servers via instrumentation.
A modular, low-resource network honeypot that mimics services to detect breaches and alert on attacker interactions.
A centralized management and data collection server for deploying and monitoring multiple honeypot sensors.
Deploy honeytokens across your network to detect unauthorized access and data exfiltration attempts.
A suite of network fingerprinting standards for TLS, TCP, HTTP, SSH, and other protocols to facilitate threat detection and security analysis.
A high-performance packet capture solution that buffers all network traffic to disk for fast retrieval of specific subsets.
A lightweight SSH honeypot that logs all connection attempts and activity without executing commands.
A medium interaction SSH honeypot that logs brute force attacks and attacker shell interactions.
A Linux distribution for network detection and response (NDR) built around Suricata, providing a complete NDR platform.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.