Python Ids

Open-source Python projects categorized as Ids | Edit details

Top 4 Python Id Projects

  • Fail2Ban

    Daemon to ban hosts that cause multiple authentication errors

    Project mention: fail2ban log says "banned" but IP still able to connect | reddit.com/r/selfhosted | 2022-05-06

    # actionflush = -F f2b- [Init] # Option: chain # Notes specifies the iptables chain to which the Fail2Ban rules should be # added # Values: STRING Default: INPUT chain = INPUT # Default name of the chain # name = default # Option: port # Notes.: specifies port to monitor # Values: [ NUM | STRING ] Default: ## port = ssh # Option: protocol # Notes.: internally used by config reader for interpolations. # Values: [ tcp | udp | icmp | all ] Default: tcp # protocol = tcp # Option: blocktype # Note: This is what the action does with rules. This can be any jump target # as per the iptables man page (section 8). Common values are DROP # REJECT, REJECT --reject-with icmp-port-unreachable # Values: STRING blocktype = BLOCK # Option: returntype # Note: This is the default rule on "actionstart". This should be RETURN # in all (blocking) actions, except REJECT in allowing actions.# Values: STRING returntype = RETURN # Option: lockingopt # Notes.: Option was introduced to iptables to prevent multiple instances from # running concurrently and causing irratic behavior. -w was introduced # in iptables 1.4.20, so might be absent on older systems # See https://github.com/fail2ban/fail2ban/issues/1122 # Values: STRING lockingopt = -w # Option: iptables # Notes.: Actual command to be executed, including common to all calls options # Values: STRING iptables = iptables [Init?family=inet6] # Option: blocktype (ipv6) # Note: This is what the action does with rules. This can be any jump target # as per the iptables man page (section 8). Common values are DROP # REJECT, REJECT --reject-with icmp6-port-unreachable # Values: STRING blocktype = REJECT --reject-with icmp6-port-unreachable # Option: iptables (ipv6) # Notes.: Actual command to be executed, including common to all calls options # Values: STRING iptables = ip6tables

  • sigma

    Generic Signature Format for SIEM Systems

    Project mention: Elastic for security | reddit.com/r/elasticsearch | 2022-02-07

    Try this instead: https://github.com/SigmaHQ/sigma

  • SonarLint

    Deliver Cleaner and Safer Code - Right in Your IDE of Choice!. SonarLint is a free and open source IDE extension that identifies and catches bugs and vulnerabilities as you code, directly in the IDE. Install from your favorite IDE marketplace today.

  • StratosphereLinuxIPS

    Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.

    Project mention: paqetz - Network security monitor based on Bro/Zeek (feedback requested) | reddit.com/r/selfhosted | 2021-08-13

    interestinggg there's this open source tool calles Slips that seems to be exactly how you want your tool to be https://github.com/stratosphereips/StratosphereLinuxIPS

  • threatbus

    🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.

    Project mention: Ask HN: Who is hiring? (September 2021) | news.ycombinator.com | 2021-09-01

    Tenzir | C++, ReasonML, Rust, Python | Hamburg, Germany or Remote (EU timezones) | Open-source | Full-time | https://tenzir.com

    Tenzir is an early-stage startup that builds a next generation data-plane for modern Security Operations Centers. It is our mission to help defenders pull ahead by integrating widely used open source tools and building solutions that reduce the time to detect attacks and help with post-mortem investigations. To that end, we develop the high-performance C++ database [VAST](https://github.com/tenzir/vast) with a ReasonML-based frontend that is served by a Rust API. We also develop [Threat Bus](https://github.com/tenzir/threatbus), a dissemination layer for threat intelligence, which orchestrates detection and response products in a publish/subscribe architecture.

    We're currently hiring for

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2022-05-06.

Index

What are some of the best open-source Id projects in Python? This list will help you:

Project Stars
1 Fail2Ban 7,115
2 sigma 4,962
3 StratosphereLinuxIPS 272
4 threatbus 209
Find remote jobs at our new job board 99remotejobs.com. There are 12 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com