Yara powered NIDS with high speed packet capture powered by PF_RING

mole-ids/mole

Mole

Mole is an experimental Network Intrusion Detection System that uses Yara as its matching engine and PF_RING for high-speed packet capture.



Features

  • Yara engine for packet matching
  • PF_RING integration
  • Rule configuration using meta fields from Yara (variables, ranges, ...)

Supported OSes

Support for Windows 10 and MacOS X is planned.

Quickstart

To get your hands on Mole, you can use the 5-Minute Quickstart in our documentation.

Documentation

You can find the complete documentation of Mole at https://docs.mole-ids.org.

Contributing

Please note that this project is released with a Contributor Code of Conduct. By participating in this project, you agree to abide by its terms.