6Guard (IPv6 attack detector)
6Guard is an IPv6 attack detector aiming at link-local level security threats, including most attacks initiated by the THC-IPv6 suit and the advanced host discovery methods used by Nmap. It can help the network administrators detect the link-local IPv6 attacks in the early stage. 6Guard is sponsored by Google Summer of Code 2012 and supported by The Honeynet Project organization. The project page is at Project 9 - IPv6 attack detector (Xu). Here is an example of the attacking alert message provided by 6Guard. [ATTACK] Timestamp: 2012-08-19 14:48:27 Reported by: Honeypot-apple-2A:C4:2D Type: DoS Name: Fake Echo Request Attacker: [Unknown] 00:00:de:ad:be:ef (CETIA) Victim : [Honeypot-apple-2A:C4:2D] 40:3C:FC:2A:C4:2D (Apple, Inc.) Utility: THC-IPv6: smurf6 Packets: b12fe3415c1d61c1da085cb8811974a2.pcap Installation Download and install Scapy in your machine. (Or apt-get install python-scapy) Download the latest code from Github/mzweilin/ipv6-attack-detector and extract it into a directory. Usage Enter the directory of 6Guard. Run $ sudo ./conf_generator.py to generate the configuration files. Run $ sudo ./6guadrd.py. Note If it is the first t
FEATURES
ALTERNATIVES
A printer honeypot PoC that simulates a printer on a network to detect and analyze potential attackers.
CrowdSec is a behavior detection engine with a global IP reputation network.
A set of interrelated detection rules for improving detection and hunting visibility and context
Prisma SASE is a cloud-delivered service integrating network security, SD-WAN, and user experience management for comprehensive protection and optimization of hybrid work environments.
A script for extracting network metadata and fingerprints such as JA3 and HASSH from packet capture files or live network traffic.
Detects the presence of a Responder in the network by sending crafted LLMNR queries.
DenyHosts is a script to block SSH server attacks by automatically preventing attackers after failed login attempts.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.