Tags : Browse Projects

Snort

  Analyzed about 5 hours ago

Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rule based language to describe traffic that it should collect or pass, and a modular detection engine. Snort has a real-time alerting capability, with alert mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient.

347K lines of code

13 current contributors

3 days since last commit

88 users on Open Hub

High Activity
4.09091
   

OSSEC

  Analyzed about 16 hours ago

148K lines of code

25 current contributors

24 days since last commit

16 users on Open Hub

Very Low Activity
4.5
   
Licenses: No declared licenses

PHPIDS

  Analyzed 2 days ago

PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on a set of approved and heavily tested filter rules any attack is given a numerical impact rating which makes it easy to decide what kind of action should follow the hacking attempt. This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user’s session.

50.1K lines of code

0 current contributors

over 9 years since last commit

14 users on Open Hub

Inactive
4.4
   

Prelude SIEM

  Analyzed about 17 hours ago

Prelude SIEM is a Security Information and Event Management system, for all available security applications, open source or proprietary, to report to a centralized system. In order to achieve this task, Prelude relies on the IDMEF (Intrusion Detection Message Exchange Format) IETF standard (RFC 4765), that enables different kinds of sensors to generate events using a unified language. Prelude SIEM benefits from its ability to find traces of malicious activity from different sensors (Snort, Suricata, OSSEC, Wazuh, honeyd, Samhain, over 30 types of system logs, and others) in order to better verify an attack and in the end to perform automatic correlation between the various events. Prelude SIEM is committed to providing a SIEM that offers the ability to unify currently available tools.

451K lines of code

6 current contributors

over 3 years since last commit

12 users on Open Hub

Inactive
4.83333
   

IronBee

  Analyzed about 24 hours ago

Led by the team who designed and built ModSecurity, the new project aims to produce a web application firewall sensor that is secure, high-performing, portable, and freely available – even for commercial use. Hosted at the web site www.ironbee.com, the project is open to all parties interested in joining the development effort.

235K lines of code

0 current contributors

about 8 years since last commit

6 users on Open Hub

Inactive
3.0
   

Openwall - scanlogd

  Analyzed 1 day ago

scanlogd is a TCP port scan detection tool, originally designed to illustrate various attacks an IDS developer has to deal with, for a Phrack Magazine article. Thus, unlike some of the other port scan detection tools out there, scanlogd is designed to be totally safe to use. scanlogd supports several packet capture interfaces: the raw socket interface on Linux (which does not require any libraries), libnids, and libpcap.

638 lines of code

0 current contributors

about 3 years since last commit

5 users on Open Hub

Inactive
0.0
 

wazuh

  Analyzed about 5 hours ago

Wazuh - The Open Source Security Platform (OSSEC fork)

661K lines of code

0 current contributors

21 days since last commit

3 users on Open Hub

Very High Activity
0.0
 
Licenses: No declared licenses

Nova Network Anti-reconnaissance System

  Analyzed about 17 hours ago

Nova is a software application for preventing and detecting hostile Network Reconnaissance. It does this by first creating a large array of thin virtual machines on the target network. These VMs are created using an updated Honeyd to be extremely lightweight. They're not your typical VMs that you might see from VirtualBox or VMWare. They just appear to be real from the perspective of the network, and run network "services" which are just shell scripts. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files.

37.2K lines of code

0 current contributors

about 9 years since last commit

2 users on Open Hub

Inactive
5.0
 

expose-ids

  Analyzed about 20 hours ago

An Intrusion Detection System library loosely based on PHP IDS

5.3K lines of code

0 current contributors

over 6 years since last commit

1 users on Open Hub

Inactive
0.0
 
Licenses: No declared licenses

pyHIDS

  Analyzed about 22 hours ago

pyHIDS is a host-based intrusion detection system. It uses an RSA signature to check the integrity of its database. Alerts are written in the logs of the system, and can be sent via email to a list of users or on IRC channels (through the irker IRC client). You can define rules to specify files to be checked periodically.

685 lines of code

0 current contributors

11 days since last commit

0 users on Open Hub

Low Activity
0.0
 