🐧 SysWarden is an ultra-lightweight Host-based Security Orchestrator for Linux.

A tool (with a simple installer) that monitors UFW firewall logs in real time and reports IP addresses to the AbuseIPDB database.

A Node.js script that automates the reporting of malicious IP addresses detected by Cloudflare WAF to AbuseIPDB ☁️🕵️

AbuseIPDB integration enabling automatic reporting of malicious activity detected by T-Pot honeypots by monitoring logs, analyzing attack attempts, and submitting reports automatically.

Event based threat management tool with autonomus AI assistant (For now just prototype). With integrated ABUSEIP API for bad IP detection and blockage. Feed the FireWall logs and get insights.

StickyPorts the all-in-one Layer 4 honeypot that emulates commonly used Ubuntu services.

FortiGateToAbuseIPDB is a Python script that allows you to read all IPv4/IPv6 addresses from the FortiGate quarantine list, forward the malicious IPs to the AbuseIPDB service, and then clear the list.

Integration tool that analyzes Suricata logs in real time and reports malicious IP addresses to AbuseIPDB.

Automatically reports IPs blocked by Imunify360 (blacklisted with purpose "drop") to AbuseIPDB using their v2 API.

Export spam comments to a file, extract IPs, generate AbuseIPDB report

Integration scripts for SniffCat & AbuseIPDB.

🔍 Analyze logs to detect threats, enhance security visibility, and streamline incident response with this automated cybersecurity tool.