maltrail | Malicious traffic detection system | Security library

by stamparm | Python | Version: 0.58 | License: MIT

kandi X-RAY | maltrail Summary

maltrail is a Python library typically used in Security applications. maltrail has no bugs, it has no vulnerabilities, it has build file available, it has a Permissive License and it has medium support. You can download it from GitHub.

Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists, where trail can be anything from domain name (e.g. zvpprsensinaix.com for Banjori malware), URL (e.g. hXXp://109.162.38.120/harsh02.exe for known malicious executable), IP address (e.g. 185.130.5.231 for known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in discovery of unknown threats (e.g. new malware).

            Support

              maltrail has a medium active ecosystem.
              It has 5140 star(s) with 961 fork(s). There are 221 watchers for this library.
              It had no major release in the last 12 months.
              There are 73 open issues and 298 have been closed. On average issues are closed in 265 days. There are 3 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of maltrail is 0.58

            Quality

              maltrail has 0 bugs and 0 code smells.

            Security

              maltrail has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              maltrail code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            License

              maltrail is licensed under the MIT License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            Reuse

              maltrail releases are available to install and integrate.
              Build file is available. You can build the component from source.
              Installation instructions, examples and code snippets are available.
              maltrail saves you 2706 person hours of effort in developing the same functionality from scratch.
              It has 6096 lines of code, 278 functions and 98 files.
              It has high code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi has reviewed maltrail and discovered the below as its top functions. This is intended to give you an instant insight into maltrail implemented functionality, and help decide if they suit your requirements.
            • Update trails
            • Return True if the given address is a Bogon IP address
            • Return True if address is a CDN IP address
            • Check if trail is whitelisted
            • Read whitelist
            • Start an HTTP server
            • Generate a regular expression
            • Write text to the console
            • Returns the IP address associated with the given address
            • Create log directory
            • Check if the user is sudo
            • Patch the given parser
            • Fetch csv files
            • A worker that processes a given buffer
            • Start UDP connection
            • Updates the ipcat database
            • Read whitelisted whitelist
            • Read INI txt file
            • Set the signal handler
            • Decorator to add a metaclass
            • Checks if the current user is sudo
            • Read bogon_ranges txt
            • Reads CDN ranges
            • Read the worst ASN txt file
            • Check for deprecated options
            • Return True if fullname is a package
            • Read configuration file
            • Monitor IP addresses

            maltrail Examples and Code Snippets

            Maltrail, Introduction
            Python | Lines of Code: 30 | License: Permissive (MIT)
            alienvault, asprox, autoshun, badips, bambenekconsultingc2,
            bambenekconsultingdga, binarydefense, blocklist, botscout,
            bruteforceblocker, ciarmy, cruzit, cybercrimetracker, dshielddns,
            dshieldip, emergingthreatsbot, emergingthreatscip,
            malc0de, malwa  
            Maltrail, Quick start
            Python | Lines of Code: 9 | License: Permissive (MIT)
            sudo apt-get install python-pcapy
            git clone https://github.com/stamparm/maltrail.git
            cd maltrail
            sudo python sensor.py
            
            [[ -d maltrail ]] || git clone https://github.com/stamparm/maltrail.git
            cd maltrail
            python server.py
            
            ping -c 1 136.161.101.53
            cat  

            Community Discussions

            QUESTION

            How to escape dots in variable using bash, and replacing value in file?
            Asked 2020-Nov-03 at 17:17

            I'm trying to work out how to edit a file in a bash script, and replace it with a variable with the dots escaped. For example 123.123.123.123 needs to be replaced in the file jail.local, as 123\.123\.123\.123. I found some posts on SO that gave me some ideas, but I just can't get it right:

            ...

            ANSWER

            Answered 2020-Nov-03 at 17:17

            With a little more fiddling we can replace the '.' with both digits with word characters and have it work with your example. For instance:

            Source https://stackoverflow.com/questions/64666824

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install maltrail

            The following set of commands should get your Maltrail Sensor up and running (out of the box with default settings and monitoring interface "any"):
            For Ubuntu/Debian
            For SUSE/openSUSE
            For Docker environment instructions can be found here.

            Support

            For new features, suggestions and bugs, create an issue on GitHub. If you have any questions, check and ask them on the Stack Overflow community page.
            CLONE
          • HTTPS

            https://github.com/stamparm/maltrail.git

          • CLI

            gh repo clone stamparm/maltrail

          • sshUrl

            git@github.com:stamparm/maltrail.git
