gatekeeper - First open source DDoS protection system

  •        323

Note: Both libmnl0 and libmnl-dev are needed to compile and run gatekeeper, but only libmnl0 is needed for simply running gatekeeper. To use DPDK, make sure you have all of the environmental requirements:



Related Projects

curiefense - Curiefense is a unified, open source platform protecting cloud native applications.

  •    TypeScript

Curiefense is a new application security platform, which protects sites, services, and APIs. It extends Envoy proxy to defend against a variety of threats, including SQL and command injection, cross site scripting (XSS), account takeovers (ATOs), application-layer DDoS, remote file inclusion (RFI), API abuse, and more. There are many ways to get involved with Curiefense.

f-stack - F-Stack is an user space network development kit with high performance based on DPDK, FreeBSD TCP/IP stack and coroutine API

  •    C

With the rapid development of Network Interface Cards the poor performance of data packet processing with the Linux kernel has become the bottleneck in modern network systems. Yet, the increasing demands of the Internet's growth demand a higher performant network processing solution. Kernel bypass has emerged to catch more and more attention. There are various similar technologies such as: DPDK, NETMAP and PF_RING. The main idea of kernel bypass is that Linux is only used to deal with control flow; all data streams are processed in user space. Therefore, kernel bypass can avoid performance bottlenecks caused by kernel packet copying, thread scheduling, system calls, and interrupts. Furthermore, kernel bypass can achieve higher performance with multi-optimizing methods. Within various techniques, DPDK has been widely used because of it's more thorough isolation from kernel scheduling and active community support. To deal with the increasingly severe DDoS attacks the authorized DNS server of Tencent Cloud DNSPod switched from Gigabit Ethernet to 10-Gigabit at the end of 2012. We faced several options: one is to continue to use the original network stack in the Linux kernel, another is to use kernel bypass techniques. After several rounds of investigation; we finally chose to develop our next generation of DNS server based on DPDK. The reason is DPDK provides ultra-high performance and can be seamlessly extended to 40G, or even 100G NIC, in the future.


  •    Assembly

HeXHub is an IOCP-based file-sharing hub and web server with anti-flood protection, built-in firewall designed to filter DDoS, and to prevent most common forms of DoS currently used against hubs, anti-spam protection, content filtering and more.

Alfandega Firewall

  •    Perl

Alfandega is a strong and Modular IpTables Firewall. It provides NAT, port-forwarding, spoofing list, blacklist of crackers and spywares sites, protection for tcp/udp scans, DOS/DDOS and Smurf attacks, TCP tuning, DHCP and PPP support and much more.

Sentinel - A framework agnostic authentication & authorization system.

  •    PHP

Sentinel is a PHP 5.4+ fully-featured authentication & authorization system. It also provides additional features such as user roles and additional security features. Sentinel is a framework agnostic set of interfaces with default implementations, though you can substitute any implementations you see fit.

nginx-ultimate-bad-bot-blocker - Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders

  •    Shell

Please make sure you are subscribed to Github Notifications to be notified when the blocker is updated or when any important or mission critical (potentially breaking) changes may take place. This is our new preferred method of installation which is now done through a set of shell scripts contributed to this repo and maintained by Stuart Cardall @itoffshore who is one of the Alpine Linux package maintainers.

DDOSIM - Layer 7 DDoS Simulator


DDOSIM simulates several zombie hosts (having random IP addresses) which create full TCP connections to the target server. After completing the connection, DDOSIM starts the conversation with the listening application (e.g. HTTP server).

eEx Network Library

  •    DotNet

The eEx Network Library contains many classes for monitoring, analyzing, parsing and also changing network traffic. It is basically around WinPcap/LibPcap and provides a framework to write own functions and plug-ins.



Send infinite requests to specified URL target; join with others to wage distributed denial of service attacks against the deserving and overly self-serving.

bottleneck - Task scheduler and rate limiter

  •    Javascript

Bottleneck is a lightweight and efficient Task Scheduler and Rate Limiter for Node.js and the browser. When dealing with services with limited resources, it's important to ensure that they don't become overloaded.Bottleneck is an easy solution as it does not add much complexity to your code.


  •    C

Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant. Hyenae will be continued here:


  •    C++

Panoptis plans to create a network security tool (N-IDS) to detect and block DoS and DDoS attacks. The programming language is C++, and the input is being provided by routers.

awesome-iot - Awesome IoT

  •    Python

IoTSeeker This scanner will scan a network for specific types of IoT devices to detect if they are using the default, factory set credentials. nShield ★ 66 ⧗ 35 - An Easy and Simple Anti-DDoS solution for VPS,Dedicated Servers and IoT devices based on iptables.

GoBot2 - Second Version of The GoBot Botnet, But more advanced.

  •    Go

After seeing another users Go based botnet i wanted to do more work on my GoBot, But i ended up building something a bit more. There is issues with this but it more of a advanced PoC.... I am not a good coder but i was able to make this buy doing some basic reading online. There was more i wanted to do with this project but i stopped, I am getting out of making Malware and virus's... I am going to move on to more legitimet things. Though i will be posting some of my old projects on my Github, and most of witch are malevolent i am putting them here to make it simpler for the 'good guys' to fight them and there kin. The C&C is a program, You can compile it for Windows, Linux, Mac systems. Its a self-running web-server that handles all connections on the selected port in the settings. it will serve the HTLM C&C to a connector if you allow it and it saves data about account, bots and commands as a SQL database and bots files (screenshots, keylogs, ect) as file under the bots own "Profile" You can control the botnet from the program(more secure) or control it from the HTML C&C. The C&C's program is extremely stable, Go based servers are know for handling millions or requests at once without fail, just make sure you have a good connection. The C&C has a build in hard-coded login (kinda like a Backdoor) you can use if you 'forgot' the account login. the C&C can have any number of accounts. With it being a self-contained program this removes the issue of SQLi attacks on the C&C so its more SECURE. The C&C can also run inside a Tor Hidden service if configured right and the client (bot) can connect to it using a or forwarder if needed. Tor can also be used by the bot via a SOCKS proxy... Simple to do, Google it.

swarm - swarm docs

  •    Makefile

Swarm is a distributed storage platform and content distribution service, a native base layer service of the ethereum web 3 stack. The primary objective of Swarm is to provide a sufficiently decentralized and redundant store of Ethereum's public record, in particular to store and distribute Đapp code and data as well as block chain data. From an economic point of view, it allows participants to efficiently pool their storage and bandwidth resources in order to provide the aforementioned services to all participants. From the end user's perspective, Swarm is not that different from WWW, except that uploads are not to a specific server. The objective is to peer-to-peer storage and serving solution that is DDOS-resistant, zero-downtime, fault-tolerant and censorship-resistant as well as self-sustaining due to a built-in incentive system which uses peer to peer accounting and allows trading resources for payment. Swarm is designed to deeply integrate with the devp2p multiprotocol network layer of Ethereum as well as with the Ethereum blockchain for domain name resolution, service payments and content availability insurance.

nff-go - NFF-Go -Network Function Framework for GO (former YANFF)

  •    Go

NFF-Go becomes part of DPDK project umbrella under Linux Foundation! Mirror repo can be found here: We will accept patches through DPDK mail-list and standard DPDK contribution process too. NFF-Go is a set of libraries for creating and deploying cloud-native Network Functions (NFs). It simplifies the creation of network functions without sacrificing performance.

dpvs - DPVS is a high performance Layer-4 load balancer based on DPDK.

  •    C

DPVS is a high performance Layer-4 load balancer based on DPDK. It's derived from Linux Virtual Server LVS and its modification alibaba/LVS. the name DPVS comes from "DPDK-LVS".

gatekeeper - Gatekeeper: An Authentication & Authorization Library

  •    PHP

The Gatekeeper library is a simple drop-in library that can be used to manage users, permissions and groups for your application. The goal is to make securing your application as simple as possible while still providing a solid and secure foundation to base your user system around. Gatekeeper is best classified as a Role-Base Access Control (RBAC) system with users, groups and permissions. It is framework-agnostic and is set up to use its own database for the user handling.

dpdk-ovs - Open vSwitch accelerated by Intel® DPDK

  •    C

To get started right away, we recommend that you check out the documentation contained in the [`docs`][docs] directory. These files provide an in-depth overview of the components, system requirements and basic operation of Intel® DPDK vSwitch. The documents are written in Markdown format, so for best results, view the documentation using a Markdown viewer, or on [GitHub][docs].______

We have large collection of open source products. Follow the tags from Tag Cloud >>

Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.