🔥 Advanced Real-Time Threat Detection & Cybersecurity Monitoring System 🔥
Detect. Analyze. Protect.
RTDS is a cutting-edge, lightweight cybersecurity simulation and detection framework designed for real-time network threat analysis. Built with modern Python architecture, it provides comprehensive monitoring capabilities for detecting sophisticated cyber attacks in live network environments.
██████╗ ████████╗██████╗ ███████╗
██╔══██╗╚══██╔══╝██╔══██╗██╔════╝
██████╔╝ ██║ ██║ ██║███████╗
██╔══██╗ ██║ ██║ ██║╚════██║
██║ ██║ ██║ ██████╔╝███████║
╚═╝ ╚═╝ ╚═╝ ╚═════╝ ╚══════╝
Real-Time Detection System
|
|
| Attack Type | Detection Method | Accuracy | Status |
|---|---|---|---|
| MITM/ARP Spoofing | 🔍 MAC Address Analysis | 95%+ | ✅ Active |
| DDoS Volumetric | 📊 Packet Rate Monitoring | 90%+ | ✅ Active |
| SYN Flood | 🌊 TCP Flag Analysis | 92%+ | ✅ Active |
| Gratuitous ARP | 📡 Suspicious ARP Detection | 88%+ | ✅ Active |
| Port Scanning | 🔭 Multi-port Detection | 85%+ | ✅ Active |
| DNS Tunneling | 🌐 Entropy & Pattern Analysis | 90%+ | ✅ Active |
| Phishing URLs | 🎣 VirusTotal Integration | 88%+ | ✅ Active |
RTDS/
├── 🐧 rtds.py # Linux version (requires sudo)
├── 🪟 rtds_win.py # Windows version
├── 📋 requirements.txt # Python dependencies
├── 📖 README.md # This file
├── 📊 logs/ # Log files directory
│ └── rtds_alerts.log # Security alerts log
└── 🔧 config/ # Configuration files
└── whitelist.json # Trusted devices
| Component | Requirement |
|---|---|
| Python Version | 3.8+ |
| Memory | 256MB RAM |
| Storage | 50MB free space |
| Network | Active network interface |
| Privileges | Admin/Root access |
scapy>=2.4.5 # Network packet manipulation
argparse # Command-line argument parsing
collections # Advanced data structures
threading # Multi-threading support
time # Time-based operations# Clone the repository
git clone https://github.com/th-shivam/RTDS.git
cd RTDS
# Install dependencies
pip install -r requirements.txt# Grant necessary permissions
chmod +x rtds.py
# Run with administrative privileges
sudo python3 rtds.py
# Custom configuration
sudo python3 rtds.py --ddos-threshold 100 --iface eth0# Open PowerShell as Administrator
cd C:\Path\To\RTDS
# Execute the Windows version
python rtds_win.py
# Monitor specific interface
python rtds_win.py --iface "Wi-Fi" --log "security.log"python rtds.py [OPTIONS]
OPTIONS:
--ddos-threshold INT DDoS detection threshold (default: 100 pps)
--syn-threshold INT SYN flood threshold (default: 50 pps)
--iface STRING Network interface to monitor
--log STRING Custom log file path
--help Show help message# High-security monitoring
python rtds.py --ddos-threshold 50 --syn-threshold 25
# Monitor specific network interface
python rtds.py --iface "Ethernet" --log "network_security.log"
# Corporate network monitoring
sudo python3 rtds.py --ddos-threshold 200 --iface eth0🔐 Simple RTDS v1.0 - DDoS & MITM Detection
🛡️ Focused Detection: DDoS Attacks & MITM/ARP Spoofing
🎯 Project Ready Version
--------------------------------------------------
Detection Features:
• Volumetric DDoS Detection • SYN Flood Detection
• ARP Spoofing Detection • MITM Attack Detection
• Real-time Monitoring • Automatic Logging
--------------------------------------------------
[*] Interface: Wi-Fi
[*] DDoS Threshold: 100 pps
[*] SYN Threshold: 50 pps
[*] Log File: rtds_alerts.log
✓ New device mapped: 192.168.1.100 → aa:bb:cc:dd:ee:ff
🚨 DDoS Attack Detected from 192.168.1.50 - Rate: 150 packets/sec
⚠️ MITM/ARP Spoofing Detected! IP: 192.168.1.1 | Old MAC: aa:bb → New MAC: cc:dd
📊 Runtime: 00:02:30 | Packets: 1500 | Attacks: 3 | ARP Entries: 15
🔍 MITM Attack Detection
Scenario: ARP Spoofing Attack
Target: Router (192.168.1.1)
Attacker: Malicious device attempts MAC spoofing
Detection: Real-time ARP table analysis
Alert: "MITM/ARP Spoofing Detected!"
💥 DDoS Attack Detection
Scenario: SYN Flood Attack
Target: Web server (192.168.1.10)
Attack: High-rate SYN packet flooding
Detection: Packet rate threshold analysis
Alert: "DDoS Attack Detected - Rate: 250 pps"
- DDoS Detection Engine
- MITM/ARP Spoofing Detection
- Real-time Monitoring Dashboard
- Cross-platform Compatibility
- 🔭 Port Scanning Detection
- 🌐 DNS Tunneling Analysis
- 🔒 Encrypted Traffic Analysis
- 🤖 Machine Learning Integration
- 📱 Web-based Dashboard
- 🔔 Email/SMS Alerting
- 📈 Advanced Analytics
- 🌍 Distributed Monitoring
We welcome contributions from the cybersecurity community!
- 🍴 Fork the repository
- 🌱 Create a feature branch (
git checkout -b feature/AmazingFeature) - 💾 Commit your changes (
git commit -m 'Add AmazingFeature') - 📤 Push to the branch (
git push origin feature/AmazingFeature) - 🎉 Open a Pull Request
Found a bug? Please create an issue with:
- Detailed description
- Steps to reproduce
- Expected vs actual behavior
- System information
MIT License
Copyright (c) 2024 RTDS Project
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
Educational Purpose: This tool is designed for educational and research purposes in cybersecurity. Users are responsible for ensuring compliance with applicable laws and regulations. The developers are not responsible for any misuse of this software.
