crowdsec

module
v1.6.5-rc4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 31, 2025 License: MIT

README

CrowdSec




CrowdSec is an open-source and participative security solution offering crowdsourced server detection and protection against malicious IPs. Detect and block with our Security Engine, contribute to the network, and enjoy our real-time community blocklist.

CrowdSec schema

Features & Advantages

Versatile Security Engine

CrowdSec Security Engine is an all-in-one IDS/IPS and WAF.

It detects bad behaviors by analyzing log sources and HTTP requests, and allows active remedation thanks to the Remediation Components.

Detection rules are available on our hub under MIT license.

CrowdSec Community Blocklist

The "Community Blocklist" is a curated list of IP addresses identified as malicious by CrowdSec. The Security Engine proactively block the IP addresses of this blocklist, preventing malevolent IPs from reaching your systems.

CrowdSec Community Blocklist

Console - Monitoring & Automation of your security stack

CrowdSec Console

Multiple Platforms support

Multiple Platforms support

Outnumbering hackers all together

By sharing the threat they faced, all users are protecting each-others (hence the name Crowd-Security). Crowdsec is designed for modern infrastructures, with its "Detect Here, Remedy There" approach, letting you analyze logs coming from several sources in one place and block threats at various levels (applicative, system, infrastructural) of your stack.

CrowdSec ships by default with scenarios (brute force, port scan, web scan, etc.) adapted for most contexts, but you can easily extend it by picking more of them from the HUB. It is also easy to adapt an existing one or create one yourself.

Installation

Follow our documentation to install CrowdSec in a few minutes on Linux, Windows, Docker, OpnSense, Kubernetes, and more.

Resources

  • Console: Supercharge your CrowdSec setup with visualization, management capabilities, extra blocklists and premium features.
  • Documentation: Learn how to exploit your CrowdSec setup to deter more attacks.
  • Discord: A question or a suggestion? This is the place.
  • Hub: Improve your stack protection, find the relevant remediation components for your infrastructure.
  • CrowdSec Academy: Learn and grow with our courses.
  • Corporate Website: For everything else.

Directories

Path Synopsis
cmd
crowdsec
crowdsec-cli
crowdsec-cli/ask
crowdsec-cli/clialert
crowdsec-cli/clibouncer
crowdsec-cli/clicapi
crowdsec-cli/cliconfig
crowdsec-cli/cliconsole
crowdsec-cli/clidecision
crowdsec-cli/clientinfo
crowdsec-cli/cliexplain
crowdsec-cli/clihub
crowdsec-cli/clihubtest
crowdsec-cli/cliitem
crowdsec-cli/clilapi
crowdsec-cli/climachine
crowdsec-cli/climetrics
crowdsec-cli/clinotifications
crowdsec-cli/clipapi
crowdsec-cli/clisetup
crowdsec-cli/clisimulation
crowdsec-cli/clisupport
crowdsec-cli/cstable
crowdsec-cli/idgen
crowdsec-cli/reload
crowdsec-cli/require
notification-dummy
notification-email
notification-file
notification-http
notification-sentinel
notification-slack
notification-splunk
pkg
acquisition
acquisition/configuration
acquisition/modules/appsec
acquisition/modules/appsec/bodyprocessors
acquisition/modules/cloudwatch
acquisition/modules/docker
acquisition/modules/file
acquisition/modules/http
acquisition/modules/journalctl
acquisition/modules/kafka
acquisition/modules/kinesis
acquisition/modules/kubernetesaudit
acquisition/modules/loki
acquisition/modules/loki/internal/lokiclient
acquisition/modules/s3
acquisition/modules/syslog
acquisition/modules/syslog/internal/parser/rfc3164
acquisition/modules/syslog/internal/parser/rfc5424
acquisition/modules/syslog/internal/parser/utils
acquisition/modules/syslog/internal/server
acquisition/modules/victorialogs
acquisition/modules/victorialogs/internal/vlclient
acquisition/modules/wineventlog
alertcontext
apiclient
apiclient/useragent
apiserver
apiserver/controllers
apiserver/controllers/v1
apiserver/middlewares/v1
appsec
appsec/appsec_rule
cache
csconfig
Package csconfig contains the configuration structures for crowdsec and cscli.
 Package csconfig contains the configuration structures for crowdsec and cscli.
csplugin
csprofiles
cticlient
cticlient/example
cwhub
Package cwhub is responsible for providing the state of the local hub to the security engine and cscli command.
 Package cwhub is responsible for providing the state of the local hub to the security engine and cscli command.
cwversion
cwversion/component
cwversion/constraint
database
database/ent
database/ent/alert
database/ent/bouncer
database/ent/configitem
database/ent/decision
database/ent/enttest
database/ent/event
database/ent/hook
database/ent/lock
database/ent/machine
database/ent/meta
database/ent/metric
database/ent/migrate
database/ent/predicate
database/ent/runtime
database/ent/schema
dumps
emoji
exprhelpers
fflag
hubops
Package hubops is responsible for managing the local hub (items and data files) for CrowdSec.
 Package hubops is responsible for managing the local hub (items and data files) for CrowdSec.
hubtest
leakybucket
longpollclient
metabase
models
modelscapi
parser
protobufs
setup
time/rate
Package rate provides a rate limiter.
 Package rate provides a rate limiter.
types

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.