An awesome configurable IDS made by us
Scryer is a network-based intrusion detection system (IDS) designed to protect your network from external threats. Using advanced algorithms, Scryer is able to continuously monitor your network traffic and detect potential security breaches in real-time. With Scryer, you can stay one step ahead of attackers and ensure that your network remains secure and protected.
Scryer also includes features to detect and prevent unauthorised users from accessing your network. By continuously monitoring user activity, Scryer is able to identify suspicious login attempts and block them before they can gain access to your network. In addition, Scryer can be configured to require two-factor authentication for all users, adding an extra layer of security to protect your network from unauthorised access. With Scryer, you can be confident that only authorised users have access to your network.
To get started, you need to install python3.
- Clone the repo

      git clone https://github.com/muhky/scryer.git

- Prerequisites are in the requirements.txt file. Install them with pip as follows

      pip install -r requirements.txt

- Review and edit conf.yml to describe your instance's parameters

      scryer:
        interface: wlo1
        traffic:
          UDP:
            max_count: 150
            max_len: 0 # Don't check for packet lengths
            scan_interval: 1000 # scan interval in milliseconds
          TCP:
            max_count: 10000
            max_len: 0 # Don't check
            scan_interval: 1000
          ICMP:
            max_count: 100
            max_len: 0
            scan_interval: 1000
          HTTP:
            max_count: 200_000
            max_len: 0
            scan_interval: 1000
          SYN:
            max_count: 100
            max_len: 0
            scan_interval: 1000
          ACK:
            max_count: 100
            max_len: 0
            scan_interval: 1000
          FIN:
            max_count: 100
        data_transfer:
          limit: 1MB # Computers only allowed to transfer 1MB of data a second
          interval: 1000
        network_resources:
          network: 192.168.*.* # Define the bounds of your network
          internal: 192.168.3.* # Define protected resources that even internal computers can't access
          external: !192.168.4.2 # Define protected resources that external computers can't access
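To show what the `max_count` and `scan_interval` settings in the sample conf.yml imply for detection, here is an added example (not Scryer's own code) of a sliding-window counter driven by those thresholds. It assumes counts are kept per protocol and per source address and that an alert fires once per burst; the `SpikeDetector` class, the `run` helper and the sample traffic are constructed for illustration.

```python
from collections import defaultdict, deque

# max_count / scan_interval (ms) values copied from the sample conf.yml.
TRAFFIC = {
    "UDP": {"max_count": 150, "scan_interval": 1000},
    "ICMP": {"max_count": 100, "scan_interval": 1000},
    "SYN": {"max_count": 100, "scan_interval": 1000},
}

class SpikeDetector:
    """Assumed semantics: alert when one source sends more than max_count
    packets of a protocol inside any scan_interval-millisecond window."""

    def __init__(self, traffic):
        self.traffic = traffic
        self.windows = defaultdict(deque)  # (proto, src) -> packet times in ms
        self.alerting = set()              # keys currently over threshold

    def observe(self, ts_ms, proto, src):
        rule = self.traffic.get(proto)
        if rule is None:                   # protocol has no threshold configured
            return None
        key = (proto, src)
        win = self.windows[key]
        win.append(ts_ms)
        while win[0] <= ts_ms - rule["scan_interval"]:
            win.popleft()                  # drop packets older than the window
        if len(win) <= rule["max_count"]:
            self.alerting.discard(key)     # back under the limit: re-arm
            return None
        if key in self.alerting:           # already reported this burst
            return None
        self.alerting.add(key)
        return {"ts_ms": ts_ms, "proto": proto, "src": src, "count": len(win)}

def constructed_events():
    """Constructed sample traffic as (ts_ms, proto, src) tuples."""
    icmp = [(i * 25, "ICMP", "192.168.1.20") for i in range(120)]      # 40 pkt/s
    syn = [(1000 + i * 2, "SYN", "192.168.1.66") for i in range(300)]  # burst
    udp = [(2000 + i * 5, "UDP", "192.168.1.20") for i in range(150)]  # at limit
    return sorted(icmp + syn + udp)

def run(events):
    det = SpikeDetector(TRAFFIC)
    return [a for a in (det.observe(*e) for e in events) if a]

if __name__ == "__main__":
    for alert in run(constructed_events()):
        print(alert)
```

The steady ICMP stream and the UDP stream that sits exactly at its limit stay quiet; only the SYN burst is reported, at the packet that first pushes the window past `max_count`.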
To use this program, change directory to the root of this project and run
sudo python3 index.py
- Detect unusual data transfer
- Detect suspicious packets
- Detect access to restricted resources
- Detect spike in network traffic
- Basic example config file
- Isolation of suspicious IP addresses from the network
- Booting suspicious IP addresses out of the network
- Implementation of the IDS on the event manager, making it easy for admins to carry out possible investigations
See the open issues for a full list of proposed features (and known issues).
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
- Fork the Project
- Create your Feature Branch (git checkout -b feature/AmazingFeature)
- Commit your Changes (git commit -m 'Add some AmazingFeature')
- Push to the Branch (git push origin feature/AmazingFeature)
- Open a Pull Request
Distributed under the MIT License. See LICENSE for more information.
- Muktar Suleiman - @Abtwithmoha - muktarsuleiman62@gmail.com
- Mainasara Tsowa - @neutrino2211 - tsowamainasara@gmail.com - neutrino221.github.io
- Birma Markus Yakubu - @ThaBlackBoy__ - birma4markus@gmail.com
- Sylvester Ushie
- Rufai Ahmed Salihu
- Abdulhafeez Abdulfatai Olaitan
Project Link: https://github.com/mukhy/scryer