maltrail | Malicious traffic detection system | Security library

by stamparm Python Version: 0.58 License: MIT

X-Ray Key Features Code Snippets(2)Community Discussions(1)Vulnerabilities Install Support

kandi X-RAY | maltrail Summary

maltrail is a Python library typically used in Security applications. maltrail has no bugs, it has no vulnerabilities, it has build file available, it has a Permissive License and it has medium support. You can download it from GitHub.

Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists, where trail can be anything from domain name (e.g. zvpprsensinaix.com for Banjori malware), URL (e.g. hXXp://109.162.38.120/harsh02.exe for known malicious executable), IP address (e.g. 185.130.5.231 for known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in discovery of unknown threats (e.g. new malware).

Support

Quality

Security

License

Reuse

Support

maltrail has a medium active ecosystem.

It has 5140 star(s) with 961 fork(s). There are 221 watchers for this library.

It had no major release in the last 12 months.

There are 73 open issues and 298 have been closed. On average issues are closed in 265 days. There are 3 open pull requests and 0 closed requests.

It has a neutral sentiment in the developer community.

The latest version of maltrail is 0.58

Quality

maltrail has 0 bugs and 0 code smells.

Security

maltrail has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

maltrail code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

maltrail is licensed under the MIT License. This license is Permissive.

Permissive licenses have the least restrictions, and you can use them in most projects.

Reuse

maltrail releases are available to install and integrate.

Build file is available. You can build the component from source.

Installation instructions, examples and code snippets are available.

maltrail saves you 2706 person hours of effort in developing the same functionality from scratch.

It has 6096 lines of code, 278 functions and 98 files.

It has high code complexity. Code complexity directly impacts maintainability of the code.

Top functions reviewed by kandi - BETA

kandi has reviewed maltrail and discovered the below as its top functions. This is intended to give you an instant insight into maltrail implemented functionality, and help decide if they suit your requirements.

Update trails
Return True if the given address is a Bogon IP address
Return True if address is a CDN IP address
Check if trail is whitelisted
Read whitelist
Start an HTTP server
Generate a regular expression
Write text to the console
Returns the IP address associated with the given address
Create log directory
Check if the user is sudo
Patch the given parser
Fetch csv files
A worker that processes a given buffer
Start UDP connection
Updates the ipcat database
Read whitelisted whitelist
Read INI txt file
Set the signal handler
Decorator to add a metaclass
Checks if the current user is sudo
Readogon_ranges txt
Reads CDN ranges
Read the worst ASN txt file
Check for deprecated options
Return True if fullname is a package
Read configuration file
Monitor IP addresses

Get all kandi verified functions for this library.

maltrail Key Features

No Key Features are available at this moment for maltrail.

maltrail Examples and Code Snippets

Maltrail ,Introduction

Python

Lines of Code : 30

License : Permissive (MIT)

Copy

alienvault, asprox, autoshun, badips, bambenekconsultingc2,
bambenekconsultingdga, binarydefense, blocklist, botscout,
bruteforceblocker, ciarmy, cruzit, cybercrimetracker, dshielddns,
dshieldip, emergingthreatsbot, emergingthreatscip,
malc0de, malwa

Maltrail ,Quick start

Python

Lines of Code : 9

License : Permissive (MIT)

Copy

sudo apt-get install python-pcapy
git clone https://github.com/stamparm/maltrail.git
cd maltrail
sudo python sensor.py

[[ -d maltrail ]] || git clone https://github.com/stamparm/maltrail.git
cd maltrail
python server.py

ping -c 1 136.161.101.53
cat

Community Discussions

Trending Discussions on maltrail

How to escape dots in variable using bash, and replacing value in file?

QUESTION

How to escape dots in variable using bash, and replacing value in file?

Asked 2020-Nov-03 at 17:17

I'm trying to work out how to edit a file in a bash script, and replace it with a variable with the dots escaped. For example 123.123.123.123 needs to be replaced in the file jail.local, as 123\.123\.123\.123. I found some posts on SO that gave me some ideas, but I just can't get it right:

...

ANSWER

Answered 2020-Nov-03 at 17:17

With a little more fiddling we can replace the '.' with both digits with word characters and have it work with your example. For instance:

Source https://stackoverflow.com/questions/64666824

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install maltrail

The following set of commands should get your Maltrail Sensor up and running (out of the box with default settings and monitoring interface "any"):.
For Ubuntu/Debian
For SUSE/openSUSE
For Docker environment instructions can be found here.

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

Find more information at: