The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 intrusion-detection Open-Source Projects
-
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
OSSEC
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
-
Pi.Alert
WIFI / LAN intruder detector. Check the devices connected and alert you with unknown devices. It also warns of the disconnection of "always connected" devices
-
NetAlertX
Get visibility of what's going on on your WIFI/LAN network. Schedule scans for devices, port changes and get alerts if unknown devices or changes are found. Write your own Plugins with auto-generated UI and in-build notification system. Build out and easily maintain your network source of truth (NSoT).
-
ipban
Since 2011, IPBan is the worlds most trusted, free security software to block hackers and botnets. With both Windows and Linux support, IPBan has your dedicated or cloud server protected. Upgrade to IPBan Pro today and get a discount. Learn more at ↓
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
-
acra
Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL. (by cossacklabs)
-
Open-Source-Security-Guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
-
-
-
Intrusion-Detection-System-Using-Machine-Learning
Code for IDS-ML: intrusion detection system development using machine learning algorithms (Decision tree, random forest, extra trees, XGBoost, stacking, k-means, Bayesian optimization..)
-
Pi.Alert
Scan the devices connected to your WIFI / LAN and alert you the connection of unknown devices. It also warns if a "always connected" device disconnects. In addition, it is possible to check web services for availability. For this purpose HTTP status codes and the response time of the service are evaluated. (by leiweibau)
-
py-idstools
idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)
-
-
-
-
-
MStream
Anomaly Detection on Time-Evolving Streams in Real-time. Detecting intrusions (DoS and DDoS attacks), frauds, fake rating anomalies. (by Stream-AD)
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Perhaps the OP means OsQuery: https://github.com/osquery/osquery
OsQuery is an SQLite extension consisting of hundreds of virtual tables
Project mention: Looking for a way to remote in to K's of raspberry pi's... | /r/sysadmin | 2023-12-10now some things you need to think about: - cloud init - this will need to be secure so lock it down hard anything not needed an alternative OS to look at if you have the ability's is https://www.alpinelinux.org/ also as these devices are not that powerfull every extra agent / abstaction layer you add impacts performance need to look at low over head security https://www.crowdsec.net/ and https://github.com/fail2ban/fail2ban (if you call fail2ban security) - using certificates to authenticate ssh login
I just wanted to tell you about Maltrail (https://github.com/stamparm/maltrail/).
Project mention: Pi.Alert VS NetAlertX - a user suggested alternative | libhunt.com/r/Pi.Alert | 2024-04-19
Project mention: Pi.Alert VS NetAlertX - a user suggested alternative | libhunt.com/r/Pi.Alert | 2024-04-19💻🔍 Network security scanner & notification framework - PiAlert successor
Project mention: Well I'm ready to throw in the towel - public IP to 3389 | /r/sysadmin | 2023-12-07
If you're looking to learn on your own, try mikeroyal's digital forensics guide on Github. There's a lot of recommended resources there that'll speed you up. https://github.com/mikeroyal/Digital-Forensics-Guide
Yep, and from my experience too (made a tool that monitors network traffic with eBPF [1]) in addition to those issues there is also a sizable latency hit.
[1] https://github.com/elesiuta/picosnitch
Project mention: Wazuh Docker Single Node. 500 error after changing admin password | /r/Wazuh | 2023-07-31Now based on my reading of https://github.com/wazuh/wazuh-docker/issues/775This is means i should enter the indexer container and run securityadmin after setting the environment variables specified in the docs....I did this. The command completes successfully with no errors.
By the way, is there any way to initiate a force scan whenever we want without having to modify the configuration file for the time interval? According to this link "https://github.com/wazuh/wazuh-kibana-app/issues/3878," there is supposedly a button to force a specific agent to perform a scan. However, I'm using version 4.4.5 and I don't have access to that functionality.
Project mention: Pi.Alert using increasing number of arp-scan processes simultaneously | /r/pihole | 2023-07-05For those of you who may seek help on this subject, kind leiweibau helped me in this and that conversations. There is a better and actively developed fork of this project in leiweibau's github repo. So you may want to use it.
I like this a lot. We have a in-house Snort 2 forwarder that does a similar thing with https://github.com/jasonish/py-idstools and forwards the result directly using HEC. We could use the same code base for dnstap if we wanted.
Project mention: wazuh-archive* index not found in Stack Management / Index Patterns. | /r/Wazuh | 2023-05-12
Project mention: Help: Dashboard installation failing with "can't read etc/opensearch_dashboards.yml no such file or directory" | /r/Wazuh | 2023-12-06found something from GitHub discussions; was able to remove a pre-removal-script first:
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
intrusion-detection related posts
- SQLite virtual table to query operating system data via SQL
- Show HN: Natural Language to SQL "Text-to-SQL" API by Dataherald
- Alternative for Pi-Alert
- Fail2Ban – Daemon to ban hosts that cause multiple authentication errors
- Maltrail: Malicious traffic detection system
- Alternative to Endpoint Protector?
- Firewall rules beyond "deny incoming, enable only the ports that you need"
-
A note from our sponsor - WorkOS
workos.com | 24 Apr 2024
Index
What are some of the best open-source intrusion-detection projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | OSQuery | 21,324 |
| 2 | Fail2Ban | 10,366 |
| 3 | maltrail | 5,749 |
| 4 | OSSEC | 4,256 |
| 5 | Pi.Alert | 1,880 |
| 6 | NetAlertX | 1,583 |
| 7 | ipban | 1,502 |
| 8 | Digital-Forensics-Guide | 1,335 |
| 9 | acra | 1,292 |
| 10 | Open-Source-Security-Guide | 846 |
| 11 | picosnitch | 587 |
| 12 | wazuh-docker | 568 |
| 13 | wazuh-dashboard-plugins | 382 |
| 14 | psad | 376 |
| 15 | Intrusion-Detection-System-Using-Machine-Learning | 320 |
| 16 | Pi.Alert | 286 |
| 17 | py-idstools | 268 |
| 18 | osquery-extensions | 257 |
| 19 | wazuh-ansible | 251 |
| 20 | wazuh-documentation | 162 |
| 21 | weakforced | 118 |
| 22 | MStream | 105 |
| 23 | wazuh-packages | 87 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com