A compact, self-contained lab that demonstrates real-time intrusion detection and automated response using an IDS script (Scapy), Cisco router ACLs (Netmiko), and victim host hardening (Paramiko + iptables).
A modular Python-based SIEM/IPS that monitors system logs in real-time (Sentinel) and automates threat response (SOAR). It features Regex-based log normalization, hybrid event correlation (SSH/Web), and automated firewall blocking integrated with AbuseIPDB and Discord alerts.
PiNetCore - Production-ready Raspberry Pi 5 network appliance. Rust-based packet capture engine with modular plugin architecture, nftables firewall, and TypeScript/React dashboard. Features inline bridge mode, VPN integration (WireGuard/OpenVPN), IDS/IPS support, and centralized logging. Built for home labs and advanced network control.
Autonomous IDS/IPS with ensemble ML voting, post-quantum cryptography, Kubernetes Zero Trust, self-healing watchdog, and live SOC dashboard
Enterprise SOC home lab on AWS with Splunk SIEM, Wazuh EDR, Suricata IDS/IPS - 6 detection rules, 5 dashboards, MITRE ATT&CK mapped
Documentation of a ransomware security incident at a healthcare clinic using the 5 W's framework for incident handling and reporting.
Complete network security checklist for audits and assessments. Covers firewall rules, network segmentation, access control, wireless security, VPN, and monitoring with CIS Controls mapping.
Project on Grocery Chain Network using Cisco Packet Tracer
Automated network incident detection and response system. Suricata IDS/IPS, automated IP blocking, forensic analysis dashboard. Graded 10/10.
Fully segmented home network with OPNsense, Suricata IDS/IPS, VLAN isolation, WireGuard VPN and TIG monitoring stack. Defense-in-depth architecture with 7 isolated zones.
Step-by-step guide to building a SIEM system with Suricata IDS/IPS and Elastic Stack (Elasticsearch, Kibana, Filebeat) on Ubuntu 20.04.
Snort IDS/IPS rule generator — Flask web app with inline help tooltips, 12 detection templates, PCRE flag checkboxes, HTTP URI/Header matching, rule validation, and .rules file import/export
Simulation d'une attaque APT sur un environnement Active Directory avec mesures de défense (prévention, détection, réponse).
Real-time Network Traffic Analysis Engine capable of processing high-velocity data streams to detect statistical anomalies using Z-Score & Context-Aware filtering.
Projecte intermodular ASIX: Docker, Kubernetes, Helm, Istio, Ansible i Suricata IDS/IPS. Del contenidor local a la producció cloud-native amb ciberseguretat activa.
Add a description, image, and links to the ids-ips topic page so that developers can more easily learn about it.
To associate your repository with the ids-ips topic, visit your repo's landing page and select "manage topics."