awesome-repositories.com
Blog
awesome-repositories.com

Descubre los mejores repositorios open-source con nuestra búsqueda potenciada por IA.

ExplorarBúsquedas curadasAlternativas open-sourceSoftware autohospedableBlogMapa del sitio
ProyectoAcerca deCómo clasificamosPrensaServidor MCP
Aviso legalPrivacidadTérminos
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
evilsocket avatar

evilsocket/opensnitch

0
View on GitHub↗
12,899 estrellas·600 forks·Python·gpl-3.0·4 vistas

Opensnitch

Opensnitch is a host-based application firewall for Linux that monitors and intercepts outbound network connections in real time. By hooking into kernel-level interfaces, it tracks system-wide network activity and maps connection attempts to specific local processes, allowing users to explicitly permit or deny traffic on a per-application basis.

The project distinguishes itself through its ability to manage security policies across multiple distributed nodes from a single, unified dashboard. This centralized management is secured via encrypted socket communication, enabling consistent rule enforcement and monitoring across remote machines. It further supports granular control by validating executable integrity, filtering based on environment variables, and isolating process network access to prevent unauthorized data transmission.

Beyond basic filtering, the system provides comprehensive observability tools, including real-time connection inspection, traffic logging, and the ability to export security events to external management systems. Users can define complex, prioritized rule sets that incorporate blocklists, temporary access durations, and path-based restrictions to secure their environment against unauthorized communication.

Features

  • Firewalls - Monitors and intercepts outbound network connections, prompting users to allow or deny traffic per process.
  • Application Access Controls - Prompts for user approval before allowing applications to establish network connections.
  • Network Access Control - Restricts network access for specific processes by prompting for user approval or applying rules based on executable paths.
  • Outbound Network Blockers - Hooks kernel functions to monitor and capture connection details for all processes to prevent unauthorized data transmission.
  • Traffic Filtering - Configures granular filtering for network connections by specifying executable paths, destination hosts, and ports.
  • Traffic Monitoring Tools - Provides real-time monitoring and logging of outbound network traffic mapped to specific local processes.
  • Distributed Firewall Orchestration - Enables centralized management and monitoring of security policies across multiple distributed network nodes.
  • Distributed Policy Management - Manages security policies across multiple distributed nodes from a single, unified dashboard.
  • Firewall Configurations - Provides a graphical interface to list, edit, and perform batch operations on traffic filtering rules.
  • Firewall Policies - Manages and monitors network security rules across multiple distributed nodes from a single unified dashboard.
  • Kernel Networking Hooks - Hooks into kernel-level interfaces to intercept and capture system-wide network connection attempts in real time.
  • Secure Node Networking - Encrypts network traffic between distributed nodes using security certificates to prevent unauthorized interception.
  • Security Policy Management - Provides a centralized dashboard for managing firewall rules and security policies across multiple distributed network nodes.
  • Alerting Systems - Alerts users to new or unauthorized connection attempts in real time.
  • Real Time Process Monitors - Tracks and displays real-time system events and network behavior associated with specific running applications.
  • Security Logging and SIEM - Application firewall for GNU/Linux systems.
  • Network Security and Proxies - Interactive application firewall for Linux.
  • Security And Forensics - Application firewall for monitoring network connections.
  • Traffic Filtering Rules - Matches network connection requests against prioritized user-defined policies based on process paths and destination endpoints.
  • Runtime and Process Isolation - Requires individual authorization for every process and subprocess to prevent unauthorized network permission inheritance.
  • Domain Blocklists - Supports blocking outbound connections based on external lists of domains, IP addresses, and file hashes.
  • Binary Integrity Verification - Validates the checksum of an application to prevent unauthorized or modified binaries from establishing connections.
  • Network Traffic Analyzers - Tracks and logs real-time system-wide network activity, mapping connection attempts to specific local processes.
  • System Activity Monitoring - Observes and logs real-time network socket activity and process behavior to identify suspicious communication patterns.
  • Client Connection Inspections - Provides a real-time view of current network sockets and associated node activity to offer visibility into communication states.
  • Temporary Access Rules - Allows setting expiration durations for rules to permit specific network connections only for a limited time.
  • Process Environment Filtering - Prevents or permits network connections based on process environment variables to mitigate malicious activity like library injection.
  • Path Access Restrictions - Restricts network access for executables running from temporary directories or other untrusted locations.
  • Event Monitoring Systems - Streams intercepted network connection events to external logging systems for centralized security analysis.
  • Security Audit Logs - Streams intercepted network connection events to external management systems for centralized analysis and auditing.
  • Network Policy Enforcement - Applies global allow or deny actions to handle network requests when no specific rule matches.
  • Log Querying - Enables filtering and searching of connection logs using criteria based on process metadata and network endpoints.
  • Background Daemons - Runs a background service that evaluates intercepted connection events against persistent rule sets to determine traffic access.
  • Rule Priority Logic - Evaluates network access policies based on explicit priority flags to determine whether to permit or reject connection attempts.

Historial de estrellas

Gráfico del historial de estrellas de evilsocket/opensnitchGráfico del historial de estrellas de evilsocket/opensnitch

Búsqueda con IA

Explora más repositorios increíbles

Describe lo que necesitas en lenguaje sencillo: la IA clasifica miles de proyectos open-source curados por relevancia.

Start searching with AI

Alternativas open-source a Opensnitch

Proyectos open-source similares, clasificados según cuántas características comparten con Opensnitch.
  • cloudflare/cloudflare-docsAvatar de cloudflare

    cloudflare/cloudflare-docs

    4,859Ver en GitHub↗

    This repository is a technical documentation site and a collection of guides and references for implementing networking, security, and cloud infrastructure services. It functions as a static-site generated portal and a headless content platform, separating source files from the presentation layer to enable flexible rendering. The project utilizes markdown-based documentation stored in a version-controlled Git repository. It provides specialized technical content including an AI platform documentation for building agents and managing inference, a cloud infrastructure guide for DNS and CDN conf

    MDXcloudflaredocshacktoberfest
    Ver en GitHub↗4,859
  • safing/portmasterAvatar de safing

    safing/portmaster

    13,003Ver en GitHub↗

    Portmaster is a host-based network firewall and privacy tool that monitors and controls all system network traffic. It operates by intercepting data packets at the operating system level, allowing it to observe and manage every connection made by local software in real time. The software distinguishes itself through process-aware connection mapping, which correlates active network sockets with specific local applications to provide visibility into data transfers. It utilizes a user-space policy engine to enforce granular security rules, enabling users to restrict internet access, block specif

    Goapplication-firewalldnsfirewall
    Ver en GitHub↗13,003
  • objective-see/luluAvatar de objective-see

    objective-see/LuLu

    12,791Ver en GitHub↗

    LuLu is an open-source application firewall designed for macOS that monitors and controls outgoing network traffic. It functions by intercepting connection attempts at the system level, allowing users to approve or deny network access for individual programs to prevent unauthorized data transmission. The software provides granular control over application-level communication, ensuring that only trusted or explicitly permitted software can establish external connections. By maintaining stateful tracking of network flows and validating the cryptographic signatures of requesting binaries, it pro

    Objective-C
    Ver en GitHub↗12,791
  • linkerd/linkerd2Avatar de linkerd

    linkerd/linkerd2

    11,424Ver en GitHub↗

    This project is a service mesh platform designed to manage, secure, and observe service-to-service communication within Kubernetes clusters. It functions as a control plane that orchestrates transparent sidecar proxies, which intercept and manage network traffic to provide reliable connectivity for microservices. By automating the injection of these proxies, the platform ensures that infrastructure-level policies are applied consistently across all workloads without requiring manual configuration changes. The platform distinguishes itself through its focus on zero-trust security and cross-clu

    Gocloud-nativegolangkubernetes
    Ver en GitHub↗11,424
Ver las 30 alternativas a Opensnitch→

Preguntas frecuentes

¿Qué hace evilsocket/opensnitch?

Opensnitch is a host-based application firewall for Linux that monitors and intercepts outbound network connections in real time. By hooking into kernel-level interfaces, it tracks system-wide network activity and maps connection attempts to specific local processes, allowing users to explicitly permit or deny traffic on a per-application basis.

¿Cuáles son las características principales de evilsocket/opensnitch?

Las características principales de evilsocket/opensnitch son: Firewalls, Application Access Controls, Network Access Control, Outbound Network Blockers, Traffic Filtering, Traffic Monitoring Tools, Distributed Firewall Orchestration, Distributed Policy Management.

¿Qué alternativas de código abierto existen para evilsocket/opensnitch?

Las alternativas de código abierto para evilsocket/opensnitch incluyen: cloudflare/cloudflare-docs — This repository is a technical documentation site and a collection of guides and references for implementing… safing/portmaster — Portmaster is a host-based network firewall and privacy tool that monitors and controls all system network traffic. It… objective-see/lulu — LuLu is an open-source application firewall designed for macOS that monitors and controls outgoing network traffic. It… linkerd/linkerd2 — This project is a service mesh platform designed to manage, secure, and observe service-to-service communication… henrypp/simplewall — Simplewall is an application firewall manager and network traffic filter that provides a graphical interface for the… slackhq/nebula — Nebula is a scalable, decentralized overlay networking tool designed to create secure, encrypted peer-to-peer…