Search Results for "intrusion"
Sort By:
Showing 224 open source projects for "intrusion"
View related business solutions-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
1
Elkeid
Open source solution that can meet the requirements of workloads
Elkeid is an open-source platform for security and intrusion-detection that aims to support a wide variety of deployment contexts — from bare-metal hosts to containers, Kubernetes clusters, and even serverless environments. It was born out of ByteDance’s internal security best practices, offering for community users a subset of its enterprise-grade capabilities. Elkeid combines kernel-level data collection, user-space agents, and runtime instrumentation (RASP) to detect malicious behavior, file anomalies, runtime exploits, and suspicious container activity. ... -
2
Wazuh
The Open Source Security Platform
Wazuh is an open-source, unified security platform that delivers extended detection and response (XDR) and SIEM capabilities for on-premises, cloud, container, and endpoint environments. It provides comprehensive threat prevention, detection, integrity monitoring, incident response, and compliance monitoring. SIEM functionality to monitor security across endpoints, workloads, and containers. Centralized architecture enabling scalable deployment and unified management. Easy deployment with... -
3
PacketFence
Free and Open Source network access control (NAC) solution
PacketFence is a fully-featured, open-source network access control (NAC) solution that provides secure wired and wireless network access. It supports 802.1X, captive portal authentication, device profiling, endpoint compliance, and guest access. PacketFence is used in enterprise, education, and healthcare environments to enforce security policies and network segmentation. -
4
ntopng
Web-based Traffic and Security Network Traffic Monitoring
...It is the new incarnation of the original ntop written in 1998, and is now revamped in terms of performance, usability, and features. ntopng is a network traffic probe that provides 360° Network visibility, with its ability to gather traffic information from traffic mirrors, NetFlow exporters, SNMP devices, Firewall logs, and Intrusion Detection systems. ntopng has been written in a portable way in order to virtually run on every Unix platform, including Linux and FreeBSD, MacOS and on Windows as well. ntopng captures traffic from SPAN/mirror ports or TAP devices using libpcap, or PF_RING (on Linux) for best performance. Or you can use it in combination with nProbe to collect NetFlow/sFlow from routers and switches, or nProbe Cento to analyze 100 Gbit links at full rate. -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
5
DeepCamera
Open-Source AI Camera. Empower any camera/CCTV
DeepCamera empowers your traditional surveillance cameras and CCTV/NVR with machine learning technologies. It provides open-source facial recognition-based intrusion detection, fall detection, and parking lot monitoring with the inference engine on your local device. SharpAI-hub is the cloud hosting for AI applications that helps you deploy AI applications with your CCTV camera on your edge device in minutes. SharpAI yolov7_reid is an open-source Python application that leverages AI technologies to detect intruders with traditional surveillance cameras. ... -
6
Zeek
Zeek is a powerful network analysis framework
...Vern and the project’s leadership team renamed Bro to Zeek in late 2018 to celebrate its expansion and continued development. Zeek is not an active security device, like a firewall or intrusion prevention system. Rather, Zeek sits on a “sensor,” a hardware, software, virtual, or cloud platform that quietly and unobtrusively observes network traffic. Zeek interprets what it sees and creates compact, high-fidelity transaction logs, file content, and fully customized output, suitable for manual review on disk or in a more analyst-friendly tool like a security and information event management (SIEM) system. -
7
ESP32-Paxcounter
Wifi & BLE driven passenger flow metering with cheap ESP32 boards
...Paxcounter detects Wifi and Bluetooth signals in the air, focusing on mobile devices by evaluating their MAC addresses. The intention of this project is to do this without intrusion in privacy: You don't need to track people-owned devices if you just want to count them. Therefore, Paxcounter does not persistently store MAC addresses and does no kind of fingerprinting the scanned devices. Data can either be stored on a local SD-card, transferred to the cloud using LoRaWAN network or MQTT over TCP/IP, or transmitted to localhost using serial (SPI) interface. ... -
8
Network Flight Simulator
A utility to safely generate malicious network traffic patterns
flightsim is a lightweight utility used to generate malicious network traffic and help security teams to evaluate security controls and network visibility. The tool performs tests to simulate DNS tunneling, DGA traffic, requests to known active C2 destinations, and other suspicious traffic patterns. -
9
Mail-in-a-Box
Take back control of your email with this mail server in a box
Mail-in-a-Box helps individuals take back control of their email by defining a one-click, easy-to-deploy SMTP+everything else server, a mail server in a box. Mail-in-a-Box lets you become your own mail service provider in a few easy steps. It’s sort of like making your own gmail, but one you control from top to bottom. Technically, Mail-in-a-Box turns a fresh cloud computer into a working mail server. But you don’t need to be a technology expert to set it up. Our goals are to make deploying... -
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
10
ByteHook
ByteHook is an Android PLT hook library
ByteHook is a ByteDance-hosted project whose name suggests a hooking or instrumentation library, likely used for hooking system calls or API calls for monitoring, sandboxing or instrumentation. The repository appears to aim at low-level hooking/injection capabilities, perhaps to support runtime introspection, behavioral monitoring, or hooking-based instrumentation (e.g. for security, tracing, sandboxing, or debugging). Because hooking is a common technique for intercepting library or system... -
11
migrid
A grid middleware with minimal user and resource requirements
[This project moved to Github and is no longer maintained here] Minimum intrusion Grid (MiG) is an attempt to design a new platform for Grid computing which is driven by a stand-alone approach to Grid, rather than integration with existing systems. The goal of the MiG project is to provide Grid infrastructure where the requirements on users and resources alike is as small as possible (minimum intrusion). MiG strives for minimum intrusion but will seek to provide a feature rich and dependable Grid solution. ... -
12
Suricata Anti-DDoS Lab
Suricata VMware VM dor IDS practicing
Suricata Anti-DDoS Security Lab (Debian 13 VMware Virtual Machine): Preconfigured VMware virtual machine for educational network security monitoring and intrusion detection using Suricata. Designed for hands-on IDS and SOC-style training in a controlled lab environment. Includes the following integrated services: + Suricata – network intrusion detection and traffic inspection + EveBox – alert visualisation and event analysis + DVWA – vulnerable web application for traffic generation and testing + phpMyAdmin – database management and inspection Default setup demonstrates DDoS-related detection scenarios, but the lab is fully customisable for other network-based attacks. ... -
13
teler
Real-time HTTP Intrusion Detection
teler is an real-time intrusion detection and threat alert based on web log that runs in a terminal with resources that we collect and provide by the community. kitabisa/teler-waf: teler-waf is a Go HTTP middleware that provide teler IDS functionality to protect against web-based attacks and improve the security of Go-based web applications. It is highly configurable and easy to integrate into existing Go applications. teler provides alerting when a threat is detected, push notifications include Slack, Mattermost, Telegram and Discord. ... -
14
Netdeep Secure Firewall
Next Generation Open Source Firewall
...It offers Web content filters, ensuring better performance of the network, allowing users to use the service efficiently and securely, providing a deep control of the use of the Web access service, blocking access to unwanted websites, Virus, Spam, Applications and intrusion attempts. Its configuration is made entirely by the web interface. -
15
OpenFW UTM Community is a "turn-key" , fork solutions Endian Firewall UTM Community, linux security distribution that makes your system a full featured security appliance with Unified Threat Management (UTM) functionalities. The software has been designed for the best usability: very easy to install, use and manage and still greatly flexible. The feature suite includes stateful packet inspection firewall, application-level proxy HTTP with antivirus support, content filtering of Web...
-
16
Afick is a fast and portable intrusion detection and integrity monitoring system, designed to work on all platform (it only needs perl and standard modules), including windows, linux, unix. The configuration syntax is very close from tripwire/aide
-
17
ICS Sensor Sim Lab
ICS Sensor Traffic Simulator
This tool simulates network traffic typical of an Industrial Control System (ICS) environment. It generates synthetic Modbus/TCP packets to help test monitoring and intrusion detection systems. Quick Start To use this tool, run the simulator: bash # Run for 30 seconds and save to traffic.log python lab_runner.py ics-sim --duration 30 --output traffic.log -
18
Network Security Toolkit (NST)
A network security analysis and monitoring toolkit Linux distribution.
Network Security Toolkit (NST) is a bootable ISO image (Live USB Flash Drive) based on Fedora 42 providing easy access to best-of-breed Open Source Network Security Applications and should run on most x86_64 systems. The main intent of developing this toolkit was to provide the security professional and network administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available... -
19
hookprobe
Free AI that blocks hackers while you sleep. Runs on cheap hardware
HookProbe is an open-source AI-native intrusion detection system (IDS/IPS) that runs on Raspberry Pi and edge devices. It combines eBPF/XDP kernel-level packet filtering with machine learning threat classification to deliver autonomous network security with zero cloud dependency. The stack includes NAPSE (AI packet inspection), HYDRA (threat intelligence pipeline), SENTINEL (ML classification engine), and AEGIS (autonomous defense orchestrator). -
20
openWrt-snort
Image of OpenWrt OS, with snort community featured in.
Image of OpenWrt OS, with snort community featured in, for Raspberry Pi 4/ 4B+ and 400, basically for Processor BCM2711. Installed Snort Community Model to Intrusion Detection system. Prevention system not installed. eth0 used as output/ LAN socket, to run internet and access router. eth1, which can be USB -> Ethernet port, is used as WAN port, to connect Pi board to Internet IP. to flash img file, you can restore in SD card, or use Balena Etcher to flash. or you can use DD commend of UNIX. ... -
21
Endian Firewall Community (EFW) is a "turn-key" linux security distribution that makes your system a full featured security appliance with Unified Threat Management (UTM) functionalities. The software has been designed for the best usability: very easy to install, use and manage and still greatly flexible. The feature suite includes stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam-filtering...
-
22
PySnooper
Never use print for debugging again
PySnooper is a simple yet powerful Python debugging utility. Just add a @pysnooper.snoop() decorator, and it logs line-by-line execution with timestamps and local variable tracking—saving you from inserting print() statements manually. -
23
Matrix
Plugin style, non-invasive APM system developed by WeChat
Matrix is an APM (Application Performance Manage) used in Wechat to monitor, locate and analyse performance problems. It is a plugin style, non-invasive solution and is currently available on iOS, macOS and Android. The monitoring scope of the current tool includes: crash, lag, and out-of-memory, which includes the following two plugins, WCCrashBlockMonitorPlugin, which is based on KSCrash framework and features cutting-edge lag stack capture capabilities with crash capture, and... -
24
update-golang
Easily fetch and install new Golang releases with minimal intrusion
update-golang is a script to easily fetch and install new Golang releases with minimum system intrusion. The script uses local system OS and ARCH to download the correct binary release. It is not harmful to run the script multiple times. Downloaded releases are kept as cache under '/usr/local'. You can erase them manually. By default, the script only detects actual releases (not beta releases, not release candidates). However one can force any specific non-final release. -
25
Aurelia
Framework entry point bringing together all the sub-modules of Aurelia
Aurelia is a modern, front-end JavaScript framework for building browser, mobile, and desktop applications. It focuses on aligning closely with web platform specifications, using convention over configuration, and having minimal framework intrusion. Basically, we want you to just write your code without the framework getting in your way. This library is part of the Aurelia platform. It contains the aurelia-framework library, which brings together all the required core aurelia libraries into a ready-to-go application-building platform. Aurelia applications are built by composing a series of simple components. ...
