This is a simple, beginner-friendly IDS built using Python and Scapy.
It watches network traffic and raises alerts if anything shady pops up — like blacklisted IPs, suspicious ports, or sketchy payloads.
This project is strictly for learning purposes.
Do not run it on networks you don't own or manage.
- Traffic from blacklisted IP addresses
- Use of unusual ports often used by backdoors (4444, 31337, etc.)
- Suspicious keywords in payloads like
"attack","malware", etc.
- Python 3.x
- Scapy → Install with:
pip install scapy