Skip to content
/ OpenMammoth Public

A powerful and comprehensive network protection tool designed to safeguard your systems against various types of cyber attacks.

License

MIT license
8 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

root0emir/OpenMammoth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
main.c
main.c
 
 
network_protection.c
network_protection.c
 
 
network_protection.h
network_protection.h
 
 
ui.c
ui.c
 
 
ui.h
ui.h
 
 

Repository files navigation

OpenMammoth Network Protection Toolkit

A powerful and comprehensive network protection tool designed to safeguard your systems against various types of cyber attacks.

Features

  • Advanced Attack Detection

    • Port scanning detection
    • SYN flood protection
    • UDP flood protection
    • ICMP flood protection
    • Fragment attack detection
    • Malformed packet detection
    • Rate limiting
    • Geo-location based blocking
    • VPN/TOR detection
    • Botnet activity detection
    • Malware signature detection
    • Exploit attempt detection
    • Zero-day attack detection

  • Multiple Protection Levels

    • Level 1: Basic protection
    • Level 2: Standard protection
    • Level 3: Enhanced protection
    • Level 4: Extreme protection

  • Performance Optimizations

    • Multi-threading support
    • Batch processing
    • Connection pooling
    • Memory optimization
    • Thread-safe operations

  • Customization

    • Custom rule support
    • Configurable thresholds
    • Flexible blocking policies
    • Customizable logging

Requirements

  • Linux operating system
  • Root privileges
  • libpcap development library
  • pthread library
  • C compiler (gcc recommended)

Installation

  1. Clone the repository:
git clone https://github.com/root0emir/OpenMammoth.git
cd openmammoth
  1. Compile the source code:
make
  1. Install the binary:
sudo make install

Usage

Basic usage:

sudo openmammoth -i eth0 -l 3 -a 1

Command line options:

-h, --help           Display help menu
-i, --interface      Specify network interface (default: eth0)
-l, --level         Protection level (1-4)
-a, --advanced      Advanced protection (0/1)
-d, --debug         Debug mode
-c, --config        Configuration file
-r, --rules         Custom rules file
-s, --stats         Show statistics
-b, --blocked       Show blocked IPs
-v, --version       Show version information

Configuration

The tool can be configured using a JSON configuration file. Example configuration:

{
    "protection_level": 3,
    "advanced_protection": true,
    "debug_mode": false,
    "block_duration": 3600,
    "max_connections": 100000,
    "thresholds": {
        "port_scan": 100,
        "syn_flood": 1000,
        "udp_flood": 1000,
        "icmp_flood": 1000
    }
}

Custom Rules

Custom rules can be defined in a rules file. Example rules:

# Block IPs from specific countries
RULE geo_block
PATTERN country_code=RU,CN,KP
ACTION block

# Block suspicious traffic patterns
RULE suspicious_traffic
PATTERN packet_size>1500 AND rate>1000
ACTION block

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

This project is licensed under the GPL v3 License - see the LICENSE file for details.

Author

Acknowledgments

  • libpcap team for packet capture library
  • Open source community for inspiration and support

About

A powerful and comprehensive network protection tool designed to safeguard your systems against various types of cyber attacks.

Topics

toolkit cybersecurity blueteam systemsecurity

Resources

Readme

License

MIT license
Activity

Stars

8 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages