Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mole-ids/mole

Yara powered NIDS with high speed packet capture powered by PF_RING
https://github.com/mole-ids/mole

go golang ids libpcap nids pf-ring yara

Last synced: 2 months ago
JSON representation

Yara powered NIDS with high speed packet capture powered by PF_RING

Host: GitHub
URL: https://github.com/mole-ids/mole
Owner: mole-ids
License: apache-2.0
Created: 2020-02-09T23:49:35.000Z (almost 5 years ago)
Default Branch: master
Last Pushed: 2024-05-11T05:01:19.000Z (8 months ago)
Last Synced: 2024-08-02T01:25:32.797Z (6 months ago)
Topics: go, golang, ids, libpcap, nids, pf-ring, yara
Language: Go
Homepage: https://mole-ids.org
Size: 3.04 MB
Stars: 66
Watchers: 5
Forks: 9
Open Issues: 4
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

awesome-repositories - mole-ids/mole - Yara powered NIDS with high speed packet capture powered by PF_RING (Go)

README

        






[![Build Status](https://www.travis-ci.org/mole-ids/mole.svg?branch=master)](https://www.travis-ci.org/mole-ids/mole)

[![Docs](https://img.shields.io/badge/docs-current-brightgreen.svg)](https://docs.mole-ids.org)

[![Go Report Card](https://goreportcard.com/badge/mole-ids/mole)](https://goreportcard.com/report/mole-ids/mole)

[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)

Mole is an experimental Network Intrusion Detection System that uses Yara as matching engine and PF_RING for high speed packet capture.

---

. **[Features](#features)** .

**[Supported OSes](#supported-oses)** .

**[Quickstart](#quickstart)** .

**[Documentation](#documentation)** .

**[Contributing](#contributing)** .

---

## Features

- Yara engine for packet matching

- PF_RING integration

- Rule configuration using meta fields from Yara (variables, ranges, ...)

## Supported OSes

- [Ubuntu 18.04.4 LTS (Bionic Beaver)](https://releases.ubuntu.com/18.04.4/) 

- [Debian GNU/Linux 10 (buster)](https://www.debian.org/releases/buster/)

Planned Windows 10 and MacOS X.

## Quickstart

To get your hands on Mole, you can use the [5-Minute Quickstart](https://docs.mole-ids.org/getting-started/quick-start/) in our documentation.

## Documentation

You can find the complete documentation of Mole at [https://docs.mole-ids.org](https://docs.mole-ids.org).

## Contributing

Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md).

By participating in this project, you agree to abide by its terms.