Skip to content

Harry-Khatri/NIDS-Intrusion-Detection-

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
NIDS/reports
NIDS/reports
 
 
custom-rules
custom-rules
 
 
osquery
osquery
 
 
reports
reports
 
 
response_playbooks
response_playbooks
 
 
scripts
scripts
 
 
threat-intel
threat-intel
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
NIDS Project Index Page.docx
NIDS Project Index Page.docx
 
 
README.md
README.md
 
 
SOC Analyst .docx
SOC Analyst .docx
 
 
day24_alert.py
day24_alert.py
 
 
enterprise_attack.json
enterprise_attack.json
 
 
load_custom_rules.sh
load_custom_rules.sh
 
 
mitre_mapping.json
mitre_mapping.json
 
 
osqueryi
osqueryi
 
 
report_generator.py
report_generator.py
 
 
report_to_pdf.py
report_to_pdf.py
 
 
send_alert_email.sh
send_alert_email.sh
 
 
signatures.txt
signatures.txt
 
 
suricata_alert_summary.py
suricata_alert_summary.py
 
 
suricata_mitre_mapping.py
suricata_mitre_mapping.py
 
 
suricata_mitre_mapping.py.save
suricata_mitre_mapping.py.save
 
 

Repository files navigation

NIDS/ ├── custom-rules/ # Custom Suricata or NIDS detection rules ├── extract_osq/ # Scripts/tools for extracting osquery data ├── NIDS/ # Core detection logic and modules ├── osquery/ # osquery binaries and config ├── reports/ # Generated reports and logs ├── response_playbooks/ # Automated response scripts/playbooks ├── scripts/ # Python/Bash scripts (automation, alert, response) ├── threat-intel/ # Threat intelligence enrichment scripts/data ├── .gitattributes ├── .gitignore ├── README.md # Project documentation (this file) ├── requirements.txt # Python dependencies (if used)

git clone https://github.com//.git cd NIDS

pip install -r requirements.txt

#for installation or importing the large binaries from github git lfs install git lfs track "osquery/osqueryd"

#for automating the alerts python scripts/send_alert_email.sh

#For email report generation python scripts/report_to_pdf.py

About

"This project is a Network Intrusion Detection System (NIDS) that combines Suricata for network traffic analysis, osquery for endpoint monitoring, and the ELK Stack (Elasticsearch, Logstash, Kibana) for centralized log management and visualization. It offers real-time threat detection, automated response scripts, custom rules in comprehensive way"

Topics

python linux bash network cybersecurity nmap suricata intrusion-detection wireshark network-security logs-analysis intrusion-prevention-system

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages