Mole is an experimental Network Intrusion Detection System that uses Yara as its matching engine and PF_RING for high-speed packet capture.
Features
- Yara engine for packet matching
- PF_RING integration
- Rule configuration using meta fields from Yara (variables, ranges, ...)
Supported OSes
Planned: Windows 10 and MacOS X.
Quickstart
To get your hands on Mole, you can use the 5-Minute Quickstart in our documentation.
Documentation
You can find the complete documentation of Mole at https://docs.mole-ids.org.
Contributing
Please note that this project is released with a Contributor Code of Conduct. By participating in this project, you agree to abide by its terms.