Here’s our list of 5 Recommended Intrusion Detection Systems (IDS) tools and frameworks

Here’s our list of 5 Recommended Intrusion Detection Systems (IDS) tools and frameworks

Henry Dalziel | Pentesting Tools | May 11, 2015

What is your favorite Intrusion Detection Systems Hacking Tool or Framework? Let us know by voting!

We’ve compiled a list of over 150 of the Web’s best hacking tools used by ethical hackers and pentesters. If you have a few minutes to spare please go ahead and take a look. We also allow for tool submission so if you have a recommendation we’d love to hear from you.

Here’s our Intrusion Detection Systems Hacking directory.

In this post we are taking a look at Intrusion Detection Systems

As of May 2015 we’ve listed the following tools that fit into our “IDS (Intrusion Detection Systems)” hacker tools directory. If you think we are missing one we’d appreciate your comments below.

  • Honeyd
  • Sguil
  • Snort

Taking each of these in turn:

This tool is a small daemon that operates by creating virtual hosts and placing these on a network. These hosts can then be edited to run arbitrary services, and perform in such a way that they mimick specific Operating System configurations. This Intrusion Detection Tool enables a single host to claim multiple addresses. In summary this tool improves security by providing mechanisms for threat detection and assessment. It also deters adversaries by hiding real systems in the middle of virtual systems.

Next on our list is OSSEC which is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. The tutorial video that we have included on its’ page has as a particularly good demonstration which lasts over 30 minutes.

Next on our list is OSSIM which provides essential security capabilities built into a unified platform.

This tool was designed by network security analysts for network security analysts. This tool’s main component is an intuitive GUI that provides access to realtime events, session data, and raw packet captures.

Snort is a very popular program. Snort’s open source network-based intrusion detection system (NIDS) has the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. Out of all of the tools listed above Snort is quite possibly the best know.

In Summary

What do you think about our list? How can we improve it? If you can think of a better tool or suggestion we’d certainly be grateful to hear your thoughts.

Leave a comment or reply below...thanks!