A compact, self-contained lab that demonstrates real-time intrusion detection and automated response using an IDS script (Scapy), Cisco router ACLs (Netmiko), and victim host hardening (Paramiko + iptables).
A modular Python-based SIEM/IPS that monitors system logs in real-time (Sentinel) and automates threat response (SOAR). It features Regex-based log normalization, hybrid event correlation (SSH/Web), and automated firewall blocking integrated with AbuseIPDB and Discord alerts.
Autonomous IDS/IPS with ensemble ML voting, post-quantum cryptography, Kubernetes Zero Trust, self-healing watchdog, and live SOC dashboard
Real-time Network Traffic Analysis Engine capable of processing high-velocity data streams to detect statistical anomalies using Z-Score & Context-Aware filtering.
Snort IDS/IPS rule generator — Flask web app with inline help tooltips, 12 detection templates, PCRE flag checkboxes, HTTP URI/Header matching, rule validation, and .rules file import/export
Add a description, image, and links to the ids-ips topic page so that developers can more easily learn about it.
To associate your repository with the ids-ips topic, visit your repo's landing page and select "manage topics."