Skip to content

/ mole

Yara powered NIDS with high speed packet capture powered by PF_RING

mole-ids.org
Apache-2.0 License
32 stars 2 forks
Star
Watch
master
3 branches 3 tags
Go to file
Code

Clone with HTTPS

Use Git or checkout with SVN using the web URL.

Latest commit

@Xumeiquer
Xumeiquer fixing issues in travis
7c238bc Aug 17, 2020
fixing issues in travis
7c238bc

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.chglog
 
 
.github/ISSUE_TEMPLATE
 
 
.travis
 
 
cmd
 
 
docker
 
 
docs
 
 
internal
 
 
pkg
 
 
rules
 
 
script
 
 
test_pcap
 
 
test_rules
 
 
.gitignore
 
 
.travis.yml
 
 
CHANGELOG.md
 
 
CODE_OF_CONDUCT.md
 
 
LICENSE
 
 
Makefile
 
 
README.md
 
 
go.mod
 
 
go.sum
 
 
main.go
 
 
make-release.sh
 
 
mole_dist.yml
 
 

README.md

Mole

Build Status Docs Go Report Card License

Mole is an experimental Network Intrusion Detection System that uses Yara as matching engine and PF_RING for high speed packet capture.

. Features . Supported OSes . Quickstart . Documentation . Contributing .

Features

  • Yara engine for packet matching
  • PF_RING integration
  • Rule configuration using meta fields from Yara (variables, ranges, ...)

Supported OSes

Planned Windows 10 and MacOS X.

Quickstart

To get your hands on Mole, you can use the 5-Minute Quickstart in our documentation.

Documentation

You can find the complete documentation of Mole at https://docs.mole-ids.org.

Contributing

Please note that this project is released with a Contributor Code of Conduct. By participating in this project, you agree to abide by its terms.

About

Yara powered NIDS with high speed packet capture powered by PF_RING

mole-ids.org

Topics

pf-ring ids nids yara golang go libpcap

Resources

Readme

License

Apache-2.0 License

Releases 3

Mole IDS Initial Release - Beta Latest
Aug 17, 2020
+ 2 releases

Packages

No packages published

Contributors 3

Languages

You can’t perform that action at this time.