mirrors/crowdsec
1
0
Fork 0
mirror of https://github.com/crowdsecurity/crowdsec.git synced 2025-05-10 20:05:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 13
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI. https://crowdsec.net
2096 commits 88 branches 214 tags 262 MiB
Find a file
mmetc 201aebaac2
cscli inspect: don't show metrics or converted rules if an item is not installed (#3602)
2025-05-02 00:12:55 +02:00
.github CI: correct uv.lock path (#3596) 2025-04-30 23:24:33 +02:00
cmd cscli inspect: don't show metrics or converted rules if an item is not installed (#3602) 2025-05-02 00:12:55 +02:00
config cron: avoid spamming stdout when the hub index is updated (#3485) 2025-02-27 10:19:43 +00:00
debian explicit message for malformed data URL in local items (#3537) 2025-03-25 11:53:49 +01:00
docker CI: lint docker tests (#3443) 2025-02-17 11:04:26 +01:00
mk make: remove redundant go version check (#3118) 2024-07-09 14:49:55 +02:00
pkg Fix monitorNewFiles for NFS + Remove dead tails from tail map (#3508) 2025-04-30 15:05:17 +02:00
rpm run 'hub upgrade' in rpm/deb postinst, improve hub message (#3440) 2025-02-04 16:51:02 +01:00
scripts move plugins/notifications/* to cmd/notification-* (#2429) 2023-08-24 09:46:25 +02:00
test cscli inspect: don't show metrics or converted rules if an item is not installed (#3602) 2025-05-02 00:12:55 +02:00
windows fix lapi credentials creation for debian package (#2646) 2023-12-08 12:10:23 +01:00
.dockerignore support capi_whitelists.yaml (#2224) 2023-05-25 10:02:33 +02:00
.gitignore replace go-acc, richgo with gotestsum (#3567) 2025-04-14 16:21:32 +02:00
.gitmodules Rename directory "tests" to "test" (#2094) 2023-03-03 15:54:49 +01:00
.golangci.yml update golangci-lint (#3590) 2025-04-29 11:24:01 +02:00
.yamllint CI: colored test output, colored crowdsec and crowdsec-api logs, full final db dump for mysql and sqlite (#1596) 2022-06-17 16:12:49 +02:00
azure-pipelines.yml use go 1.24.1 (#3501) 2025-03-10 10:50:52 +01:00
CONTRIBUTING.md "make localstack" target, link to docs/contributing (#1522) 2022-05-17 15:54:52 +02:00
Dockerfile use go 1.24, enable unencrypted http2 (#3470) 2025-02-19 14:05:17 +01:00
Dockerfile.debian use go 1.24, enable unencrypted http2 (#3470) 2025-02-19 14:05:17 +01:00
go.mod build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 (#3581) 2025-04-30 14:45:57 +02:00
go.sum build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 (#3581) 2025-04-30 14:45:57 +02:00
LICENSE CI: Cache all built go modules (#2081) 2023-02-28 17:25:09 +01:00
make_chocolatey.ps1 Update windows pipeline (#2909) 2024-03-19 17:42:08 +01:00
make_installer.ps1 Update windows pipeline (#2909) 2024-03-19 17:42:08 +01:00
Makefile tests: refact localtest helper, use testify.suite (#3574) 2025-04-17 17:35:28 +02:00
README.md README revamp (#3408) 2025-01-21 15:05:12 +00:00
SECURITY.md renamed security.MD -> SECURITY.md, typos (#1774) 2022-10-04 09:50:18 +02:00
wizard.sh opensuse sets OSTYPE to linux (#3514) 2025-03-15 13:46:35 +01:00

README.md

CrowdSec




CrowdSec is an open-source and participative security solution offering crowdsourced server detection and protection against malicious IPs. Detect and block with our Security Engine, contribute to the network, and enjoy our real-time community blocklist.

CrowdSec schema

Features & Advantages

Versatile Security Engine

CrowdSec Security Engine is an all-in-one IDS/IPS and WAF.

It detects bad behaviors by analyzing log sources and HTTP requests, and allows active remedation thanks to the Remediation Components.

Detection rules are available on our hub under MIT license.

CrowdSec Community Blocklist

The "Community Blocklist" is a curated list of IP addresses identified as malicious by CrowdSec. The Security Engine proactively block the IP addresses of this blocklist, preventing malevolent IPs from reaching your systems.

CrowdSec Community Blocklist

Console - Monitoring & Automation of your security stack

CrowdSec Console

Multiple Platforms support

Multiple Platforms support

Outnumbering hackers all together

By sharing the threat they faced, all users are protecting each-others (hence the name Crowd-Security). Crowdsec is designed for modern infrastructures, with its "Detect Here, Remedy There" approach, letting you analyze logs coming from several sources in one place and block threats at various levels (applicative, system, infrastructural) of your stack.

CrowdSec ships by default with scenarios (brute force, port scan, web scan, etc.) adapted for most contexts, but you can easily extend it by picking more of them from the HUB. It is also easy to adapt an existing one or create one yourself.

Installation

Follow our documentation to install CrowdSec in a few minutes on Linux, Windows, Docker, OpnSense, Kubernetes, and more.

Resources

  • Console: Supercharge your CrowdSec setup with visualization, management capabilities, extra blocklists and premium features.
  • Documentation: Learn how to exploit your CrowdSec setup to deter more attacks.
  • Discord: A question or a suggestion? This is the place.
  • Hub: Improve your stack protection, find the relevant remediation components for your infrastructure.
  • CrowdSec Academy: Learn and grow with our courses.
  • Corporate Website: For everything else.