A kernel-based IDS for Linux. KSPIDS monitors especially system calls.

Some of my security-related coding projects for OpenBSD: A kernel-based user-profile intrusion detection system (FUPIDS) and an ICMP-based "port-knocking" service (openportd).

Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.

Daemon to ban hosts that cause multiple authentication errors

恶意IP全自动封禁平台。支持收集如下安全设备告警：长亭WAF社区版（SafeLine）、微步蜜罐HFish、奇安信天眼、奇安信椒图、绿盟WAF、科来网络安全分析审计系统。支持如下设备联动封禁：RouterOS、OPNsense、CheckPoint、奇安信防火墙、旁路阻断（无需设备配合）

Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)

A golang ebpf libary based on cilium/ebpf and datadog/ebpf.

A HIDS (host-based intrusion detection system) for verifying the integrity of a system.

This tool parses log data and allows to define analysis pipelines for anomaly detection. It was designed to run the analysis with limited resources and lowest possible permissions to make it suitable for production server use.

Halley, a lightweight cybersecurity solution.

Install open-source software from source to focus on Zero Trust Network principles, enhancing security for existing applications, and deploying tools for threat detection and prevention.

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

A method for grouping, clustering, and merging semi-structured alerts

A basic HIDS implementation.

A Linux Host-based Intrusion Detection System based on eBPF.

一款linux下的安全产品目的是满足个人安全需求有SSH爆破防护和SYN攻击扫描防护功能,基于netfilter,

Scripts to deploy virtual testbed for log data analysis and anomaly detection.

Host-Based Intrusion Detection System

Find all the ip adresses that have repeat offenses according to the NGINX access logs.