Projects

Snort

Snort® is an open source network intrusion prevention and detection system using a flexible rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and ... [More] prevention technology worldwide and has become the de facto standard for the industry. [Less]

Suricata IDS/IPS

Suricata is an open source Intrusion Detection and Prevention (IDS/IPS) engine. Suricata is developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded, has native IPv6 support, file extraction capabilities and many more features. It's capable ... [More] of loading existing Snort rules and signatures and supports many frontends through Barnyard2. [Less]

snort-stat

Snort_stat.pl is a report tool for Snort, the Open Source Intrusion Detection System. Snort_stat.pl can be used to generate simple emails off of Snort Alert (text) output and eventually Unified (native binary) output.

sniper-cd

SNIPER (Snort NTOP IPaudit P0f Etc RapidInstall) is single CD install media aimed at bridging the gap between liveCDs and package by package production installs. SNIPER installs in minutes with zero or minimal user interaction, depending on the version selected. In its base form, SNIPER will turn ... [More] any system into a production ready security monitoring host. [Less]

OpenUTM

OpenUTM is an open source Unified Threat Management software framework to be used to combine together other open source projects to build an easily managed UTM firewall appliance.

fx-http-traffic-generator

fx-http-traffic-generator v.01fx-http-traffic-generator was created to respond to the need of those who want to generate a good amount of http traffic. Depending on the need, different things can be performed with the traffic generated. The idea was born when testing Intrusion Detection System and ... [More] their resistance to HTTP attacks. Part of the code I am using was inspired by http://www.javapractices.com/topic/TopicAction.do?Id=147 The main focus of the project are: Generate HTTP traffic Test IDS Take advantage of urlBlacklist Test Web Application against well known spam databases Obfuscate URL while passing traffic to leverage a higher test lever of web application and IDS boxes. Running the projectThe project accepts three parameters: aArgs[0]: this is the file containing all the domains and or Urls aArgs[1]: (header | content) specifies whether to extract pages hearder or their content aArgs[2]: afile - a file name on which all extracted headers/content will be saved. To run the project, go to the command line (linux, windows, any java enabled OS) java -jar WebPageFetcher [header|content] To do user parallelism to extract more that one header/content at once extract domain/url header at a certain speed obfuscate header request apply more than one obfuscation technique at the same time. accept folder of files i.e. a folder can be passed into parameters instead of passing individual file. Brought to you by Jules F. Pagna Disso -- jferdinand-at-gmail-dot-com You can aslo check my Website at http://www.thescholars.info/ [Less]

Snorby

A modern and clean Snort web front-end.

winids

Anomaly based intrusion detection technique is supposed to be able to defend against zero day attacks. While due to high false positives, the current anomaly detection approaches mostly stay on the research phase, not practical products. The purpose of this project is to put the most recent ... [More] academic research results on anomaly network intrusion detection into a practical product on Windows Platform. The following list gives the expectation on the project: A kernel level NIDS product (similar to Norton antivirus software) Using plug-in method for any 3rd party detection approaches Compatiable with Snort IDS rules [Less]