#Ids

Showing 35 of 35 repositories tagged #ids, ranked by stars

fail2ban
fail2ban
fail2ban

Daemon to ban hosts that cause multiple authentication errors

Score
100
★ 18.1k ⑂ 1.5k +25/day
Python
crowdsecurity
crowdsecurity
crowdsec

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

Score
100
★ 14.2k ⑂ 672 +2/day
Go
SigmaHQ
SigmaHQ
sigma

Main Sigma Rule Repository

Score
50
★ 10.7k ⑂ 2.7k +2/day
Python
OISF
OISF
suricata

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

Score
100
★ 6.4k ⑂ 1.7k +2/day
C
teler-sh
teler-sh
teler

Real-time HTTP Intrusion Detection

Score
50
★ 3.1k ⑂ 251 +1/day
Go
pucherot
pucherot
Pi.Alert

WIFI / LAN intruder detector. Check the devices connected and alert you with unknown devices. It also warns of the disconnection of "always connected" devices

Score
70
★ 2.5k ⑂ 155 +3/day
JavaScript
shramos
shramos
Awesome-Cybersecurity-Datasets

A curated list of amazingly awesome Cybersecurity datasets

Score
65
★ 2.0k ⑂ 342 +1/day
StamusNetworks
StamusNetworks
Clear-NDR-ISO

A Suricata based NDR distribution

Score
74
★ 1.6k ⑂ 289
Shell
nzymedefense
nzymedefense
nzyme

CLOSE ACCESS DENIAL.

Score
91
★ 1.6k ⑂ 149
Java
al0ne
al0ne
suricata-rules

Suricata IDS rules 用来检测红队渗透/恶意行为等,支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等

Score
57
★ 1.3k ⑂ 305 +1/day
wazuh
wazuh
wazuh-docker

Wazuh - Docker containers

Score
96
★ 1.1k ⑂ 564 +2/day
Shell
teris-io
teris-io
shortid

Super short, fully unique, non-sequential and URL friendly Ids

Score
0
★ 963 ⑂ 69
Go
bloodzer0
bloodzer0
ossa

Open-Source Security Architecture | 开源安全架构

Score
52
★ 942 ⑂ 217
stratosphereips
stratosphereips
StratosphereLinuxIPS

Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.

Score
100
★ 880 ⑂ 201
Python
wazuh
wazuh
wazuh-ruleset

Wazuh - Ruleset

Score
48
★ 523 ⑂ 232
Python
wazuh
wazuh
wazuh-dashboard-plugins

Plugins for Wazuh Dashboard

Score
87
★ 516 ⑂ 236
TypeScript
jasonish
jasonish
evebox

Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search

Score
78
★ 496 ⑂ 78 +1/day
Rust
wazuh
wazuh
wazuh-ansible

Wazuh - Ansible playbook

Score
83
★ 415 ⑂ 232 +1/day
Shell
teler-sh
teler-sh
teler-waf

teler-waf is a Go HTTP middleware that protects local web services from OWASP Top 10 threats, known vulnerabilities, malicious actors, botnets, unwanted crawlers, and brute force attacks.

Score
35
★ 401 ⑂ 33
Go
travisbgreen
travisbgreen
hunting-rules

Suricata rules for network anomaly detection

Score
61
★ 182 ⑂ 43
Kwangsa19
Kwangsa19
Ketmanto-Cybersecurity-Portfolio

I developed a rigorous cybersecurity project portfolio on mock clients covering NIST, audits, Linux, SQL, assets, threats, vulnerabilities, detection, incident response, escalation, Wireshark, tcpdump, IDS (Suricata), SIEM (Splunk, Chronicle), and Python automation.

Score
26
★ 174 ⑂ 43
Jupyter Notebook
whyisyoung
whyisyoung
CADE

Code for our USENIX Security 2021 paper -- CADE: Detecting and Explaining Concept Drift Samples for Security Applications

Score
0
★ 148 ⑂ 41
Python
ggulgun
ggulgun
NIDS-Intrusion-Detection

Simple Implementation of Network Intrusion Detection System. KddCup'99 Data set is used for this project. kdd_cup_10_percent is used for training test. correct set is used for test. PCA is used for dimension reduction. SVM and KNN supervised algorithms are the classification algorithms of project. Accuracy : %83.5 For SVM , %80 For KNN

Score
100
★ 94 ⑂ 37
Python
ait-aecid
ait-aecid
logdata-anomaly-miner

This tool parses log data and allows to define analysis pipelines for anomaly detection. It was designed to run the analysis with limited resources and lowest possible permissions to make it suitable for production server use.

Score
0
★ 92 ⑂ 23
Python
wazuh
wazuh
wazuh-api

Wazuh - RESTful API

Score
22
★ 81 ⑂ 63
JavaScript
0xThiebaut
0xThiebaut
sigmai

Import specific data sources into the Sigma generic and open signature format.

Score
13
★ 79 ⑂ 5
Go
metal-stack
metal-stack
firewall-controller

A kubernetes controller running on bare-metal firewalls, creating nftables rules, configures suricata, collects network metrics

Score
0
★ 64 ⑂ 5
Go
gradiuscypher
gradiuscypher
grIDS

My network monitoring solution and tools that go along with it.

Score
17
★ 61 ⑂ 24 +61/day
Dockerfile
8damon
8damon
Blackbird

Powerful Kernel Windows Platform for Malware Analysis, SRE, Forensics & Threat Hunting

Score
43
★ 48 ⑂ 7 +21/day
C#
Western-OC2-Lab
Western-OC2-Lab
AutoML-and-Adversarial-Attack-Defense-for-Zero-Touch-Network-Security

This repository includes code for the AutoML-based IDS and adversarial attack defense case studies presented in the paper "Enabling AutoML for Zero-Touch Network Security: Use-Case Driven Analysis" published in IEEE Transactions on Network and Service Management.

Score
30
★ 45 ⑂ 13
Jupyter Notebook
hookprobe
hookprobe
hookprobe

🛡️ Free AI that blocks hackers while you sleep. Runs on cheap hardware. When someone in Tokyo gets attacked, you're protected in 30 seconds. No fees. No experts needed. Just protection. One node's detection → everyone's protection.

Score
39
★ 43 ⑂ 9 +1/day
Python
Western-OC2-Lab
Western-OC2-Lab
AutonomousCyber-AutoML-based-Autonomous-Intrusion-Detection-System

This repository includes code for the paper "Towards Autonomous Cybersecurity: An Intelligent AutoML Framework for Autonomous Intrusion Detection" accepted in AutonomousCyber, ACM CCS, 2024.

Score
9
★ 33 ⑂ 6
Jupyter Notebook
ethansilvas
ethansilvas
splunk-logs-and-investigations

Investigating attacks using Splunk Enterprise logs and creating SPL intrusion detection searches based on known attacker TTPs and anomaly behavior derived from statistical baselines

Score
4
★ 29 ⑂ 5
anacletu
anacletu
ml-intrusion-detection-cicids2017

Machine Learning-based Intrusion Detection System (IDS) tailored for resource-constrained networks

Score
0
★ 20 ⑂ 5
Jupyter Notebook
marichu-kt
marichu-kt
local-network-attack-defense-simulator

Este proyecto es un simulador de ciberseguridad diseñado para entornos educativos. Permite a estudiantes practicar técnicas de ataque y defensa en un entorno controlado, replicando situaciones reales de ciberseguridad sin riesgo para sistemas en producción.

Score
0
★ 11 ⑂ 0
Python
Related Topics
#security#intrusion-detection#cybersecurity#monitoring#ips#log-analysis#machine-learning#loganalyzer#intrusion-detection-system#suricata#incident-response#security-awareness

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly