I built FlowHawk, a high-performance network security monitor that uses eBPF/XDP to analyze packets in real-time and detect threats like DDoS attacks, port scans, and botnet activity. It’s written in Go, and C is used for the eBPF program. It includes ML anomaly detection and a real-time dashboard. Currently over 80% test coverage and I would love your feedback and contributions!
Amazing work! There are some interesting projects collecting attackers' IPs from honeypots across Europe. One of them is Stratosphere IPS from Prague Tech University. It would be nice to consider adding this IP data to your ML models =)