{"id":20120503,"url":"https://github.com/lamcodeofpwnosec/it_infrastructure_security","last_synced_at":"2025-08-13T21:41:55.373Z","repository":{"id":259058421,"uuid":"876213905","full_name":"lamcodeofpwnosec/IT_Infrastructure_Security","owner":"lamcodeofpwnosec","description":"IT Infrastructure Security Project aimed at analyzing and protecting against various attacks on servers, applications, and websites, we would need to combine several technologies and implement multiple layers of security. ","archived":false,"fork":false,"pushed_at":"2024-10-25T16:24:40.000Z","size":164,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-01T15:42:02.363Z","etag":null,"topics":["it-infrastructure-managment","it-infrastructure-optimization","penetration-testing","penetration-testing-tools","vulnerability-detection","web-application-firewall","web-application-penetration-testing","web-application-security","web-application-server"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lamcodeofpwnosec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-10-21T15:30:44.000Z","updated_at":"2025-03-11T04:17:28.000Z","dependencies_parsed_at":"2024-10-22T21:25:10.328Z","dependency_job_id":null,"html_url":"https://github.com/lamcodeofpwnosec/IT_Infrastructure_Security","commit_stats":null,"previous_names":["lamcodeofpwnosec/it_infrastructure_security"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:g
ithub/lamcodeofpwnosec/IT_Infrastructure_Security","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lamcodeofpwnosec%2FIT_Infrastructure_Security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lamcodeofpwnosec%2FIT_Infrastructure_Security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lamcodeofpwnosec%2FIT_Infrastructure_Security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lamcodeofpwnosec%2FIT_Infrastructure_Security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lamcodeofpwnosec","download_url":"https://codeload.github.com/lamcodeofpwnosec/IT_Infrastructure_Security/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lamcodeofpwnosec%2FIT_Infrastructure_Security/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267834811,"owners_count":24151642,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-30T02:00:09.044Z","response_time":70,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["it-infrastructure-managment","it-infrastructure-optimization","penetration-testing","penetration-testing-tools","vulnerability-detection","web-application-firewall","web-application-penetration-testing","web-application-security","web-application-server"],"created_at":"2024-11-13T1
9:20:46.779Z","updated_at":"2025-07-30T08:11:21.316Z","avatar_url":"https://github.com/lamcodeofpwnosec.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# IT Infrastructure Security Project\n\nThis project provides a multi-layered defense strategy to protect servers, applications, and websites from various types of cyber attacks. It includes firewall setup, real-time monitoring, vulnerability scanning, DDoS protection, and more. By leveraging tools like Nuclei, Nmap, Fail2Ban, and custom Python/Bash scripts, this project offers a complete solution to securing your IT infrastructure.\n\n\n## Features\n\n1. **Firewall and Intrusion Detection**: Configure iptables firewall rules.\n2. **Real-Time Monitoring and Alerts**: Monitor CPU, memory, and disk usage and send alerts.\n3. **Web Application Firewall (WAF)**: Protect against SQL injection and XSS attacks.\n4. **Brute Force Protection**: Use Fail2Ban to block IPs showing signs of brute force.\n5. **Vulnerability Scanning**: Automated vulnerability scanning using Nmap.\n6. **DDoS Protection**: NGINX rate limiting to prevent DDoS attacks.\n7. **Incident Response**: Automatically block IPs when suspicious activity is detected.\n8. **Encrypted Backups**: Secure and encrypt backups automatically.\n\n## How to Set Up\n\n1. Run the `firewall/firewall_setup.sh` to configure the basic firewall.\n2. Use `monitoring/real_time_monitor.py` to enable real-time monitoring and alerts.\n3. Configure and run the Web Application Firewall (WAF) using `waf/waf.py`.\n4. Set up brute force protection with `brute_force_protection/fail2ban_setup.sh`.\n5. Automate vulnerability scans with [projectdiscovery](https://github.com/projectdiscovery/nuclei-templates/graphs/contributors) `vulnerability_scanner/vulnerability_scan.py`.\n6. Apply DDoS protection using the `ddos_protection/ddos_protection.conf` with your NGINX setup.\n7. 
Enable automated incident response using `incident_response/incident_response.py`.\n8. Back up and encrypt important files with `backups/backup_script.sh`.\n\n## Installation\n**Prerequisites**\n * Linux (Ubuntu/Debian preferred)\n * Python 3.6+\n * Nuclei by ProjectDiscovery\n * Nmap\n * NGINX (for DDoS protection)\n * Fail2Ban\n * iptables and gpg for encryption\n\n### Step-by-Step Installation\n1. Clone the Repository\nClone the repository to your local machine:\n```\ngit clone https://github.com/lamcodeofpwnosec/IT_Infrastructure_Security.git\n```\n2. Install Dependencies\nInstall required packages and tools using the following commands:\n```\nsudo apt update\nsudo apt install python3-pip fail2ban nmap iptables gpg nginx -y\npip3 install psutil requests\n```\n3. Install Nuclei\nInstall Nuclei by running the following commands:\n\n```\ncurl -s https://api.github.com/repos/projectdiscovery/nuclei/releases/latest | grep \"browser_download_url.*nuclei-linux-amd64.zip\" | cut -d '\"' -f 4 | wget -qi -\nunzip nuclei-linux-amd64.zip\nsudo mv nuclei /usr/local/bin/\n```\nEnsure that Nuclei is correctly installed by running:\n```\nnuclei -version\n```\n4. Set Up Firewall Rules\nNavigate to the `firewall/` directory and run the firewall setup script:\n```\ncd firewall\nsudo bash firewall_setup.sh\n```\n5. Set Up Brute Force Protection\nSet up Fail2Ban to block brute force attacks:\n```\ncd ../brute_force_protection\nsudo bash fail2ban_setup.sh\n```\n6. Configure DDoS Protection\nCopy the NGINX rate limiting configuration to your NGINX configuration file:\n```\nsudo cp ../ddos_protection/ddos_protection.conf /etc/nginx/nginx.conf\nsudo systemctl restart nginx\n```\n### Usage\n1. **Real-Time Monitoring**\nTo monitor your system's CPU, memory, and disk usage in real-time and send alerts, run the Python script:\n```\ncd monitoring\npython3 real_time_monitor.py\n```\n2. 
Vulnerability Scanning\nYou can run vulnerability scans using either Nmap or Nuclei by following the steps below:\n * Nmap Scan:\n```\ncd ../vulnerability_scanner\npython3 vulnerability_scan.py\n```\nChoose option 1 for Nmap and enter the target IP.\n\n3. Block Suspicious IP\nIf you detect suspicious activity, you can block an IP by running the following script:\n```\ncd ../firewall\nsudo bash block_ip.sh \u003cIP_ADDRESS\u003e\n```\n4. Backup and Encrypt Data\nTo back up and encrypt sensitive data, use the following backup script:\n```\ncd ../backups\nsudo bash backup_script.sh\n```\n### Author\nIT Infrastructure Security Project was created by [@lamcodeofpwnosec](https://github.com/lamcodeofpwnosec/).","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flamcodeofpwnosec%2Fit_infrastructure_security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flamcodeofpwnosec%2Fit_infrastructure_security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flamcodeofpwnosec%2Fit_infrastructure_security/lists"}