A low to medium interaction honeypot written in Python, designed for easy deployment and extensibility.
A Go HTTP middleware that protects web services from OWASP Top 10 threats, known vulnerabilities, malicious actors, and brute force attacks.
A Docker image for Suricata, enabling easy deployment of the network intrusion detection and prevention system.
A protocol-agnostic, low-interaction honeypot that intercepts and logs network traffic to analyze malicious activities.
An open-source big data security analytics tool that analyzes network packet capture (pcap) files using Apache Pig.
A proof-of-concept tool that spreads deceptive breadcrumbs and honeytokens across systems to lure attackers toward honeypots.
A curated list of awesome tools, libraries, dashboards, and resources for the Suricata intrusion detection/prevention system.
A research project providing tools and detection rules for analyzing and simulating Quantum Insert network attacks.
A comprehensive guide for extreme performance tuning of Suricata intrusion detection systems.
A Go library for parsing and manipulating Snort and Suricata IDS/IPS rules with Suricata compatibility focus.
A WordPress honeypot that detects probes for plugins, themes, and common files used to fingerprint WordPress installations.
Suricata rules for network anomaly detection and threat hunting.
A high-interaction SSH honeypot that logs and proxies attacker connections to a real SSH server.
A low-interaction honeypot that mimics network services and clones websites with AI-powered responses to detect intruders.
An autonomous open-source security agent for Linux that detects, scores, and automatically responds to threats using eBPF, AI, and collaborative defense.
A low-interaction honeypot that responds to network scanners and bots across multiple protocols, designed for self-hosted threat intelligence.
A practical classroom course suite teaching cyber defense monitoring using Suricata and Arkime for threat detection and packet analysis.
A low-interaction honeypot that catches attacks against TCP and UDP services by emulating protocols, mirroring, or proxying connections.
A set of Suricata IDS/IPS detection rules specifically designed to identify NMAP port scans across various scan types and speeds.
A language server implementing the Language Server Protocol for Suricata signatures, providing syntax checking, hints, and auto-completion.
Automated script to install and configure Dionaea and Kippo honeypots as system services on Ubuntu.