Skip to content

aacidraain/Shield-Baby

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
ConsoleApp1.sln
ConsoleApp1.sln
 
 
Program.cs
Program.cs
 
 
README.md
README.md
 
 

Repository files navigation

Overview

This script is designed to provide comprehensive security monitoring and defense mechanisms for a target IP. It includes features for detecting and defending against various types of attacks, such as port scans, denial-of-service (DoS) attacks, ARP spoofing, and more. The script also includes mechanisms for monitoring keyloggers and filesystem changes, sending alerts, and blocking malicious IP addresses. Features

Network Traffic Monitoring: Detects port scans and anomalous network activity.
DoS Attack Monitoring: Identifies and responds to potential DoS attacks.
ARP Spoofing Detection: Monitors for ARP spoofing attempts.
System Log Monitoring: Observes system logs for suspicious login attempts.
Web Server Log Monitoring: Detects common web attacks.
Filesystem Monitoring: Watches for critical filesystem changes.
Keylogger Detection: Identifies and disables keyloggers.
Counter-Scan: Performs counter-scanning to detect scanning attempts.
Alerts: Sends email alerts and plays a sound alert on detection of malicious activities.
Dependency Installation: Automatically installs required dependencies.

Installation Prerequisites

A Unix-based system (e.g., Linux)
sudo privileges for installing dependencies and modifying firewall rules

Dependencies

The script requires the following packages:

tcpdump
arpwatch
mailutils
inotify-tools
iptables-persistent
nmap
alsa-utils
mpg123

Installation Steps

Clone the Repository

bash

git clone https://github.com/yourusername/defensive-script.git cd defensive-script

Make the Script Executable

bash

chmod +x defensive_script.sh

Run the Installation Script

bash

./defensive_script.sh install_dependencies

Configure Sound Alerts

Ensure you have a sound file for alerts:

bash

cp /path/to/your/zombie_alert.wav /path/to/your_script_directory/

Run the Script

To start the script and monitor a specific target IP:

bash

sudo ./defensive_script.sh <target-ip>

Replace <target-ip> with the IP address you want to monitor.

Usage Command Line Options

install_dependencies: Installs required dependencies.
monitor_network: Starts network traffic monitoring.
monitor_dos_attacks: Monitors for DoS attacks.
monitor_arp_spoofing: Monitors for ARP spoofing.
monitor_system_logs: Monitors system logs for exploitation attempts.
monitor_web_logs: Monitors web server logs for common attacks.
monitor_filesystem: Monitors critical filesystem changes.
monitor_keyloggers: Detects and disables keyloggers.
perform_counter_scan: Performs counter-scanning to detect scanning attempts.

Example

To monitor a specific IP and start all the monitoring tasks:

bash

sudo ./defensive_script.sh

Contributing

Contributions are welcome! Please fork the repository, create a feature branch, and submit a pull request. License

This project is licensed under the MIT License - see the LICENSE file for details. Acknowledgments

Special thanks to the open-source community for providing the tools and libraries used in this script.

About

Perfect to monitor active pentesting

Topics

penetration-testing pentesting pentest-tool scriptkiddie

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages