github.com/crowdsecurity/crowdsec @v1.7.8 sqlite

9,282 symbols · 27,507 edges · 825 files · 5,977 documented (64%)
README

CrowdSec

CrowdSec is an open-source and participative security solution offering crowdsourced server detection and protection against malicious IPs. Detect and block with our Security Engine, contribute to the network, and enjoy our real-time community blocklist.

Features & Advantages

Versatile Security Engine

CrowdSec Security Engine is an all-in-one IDS/IPS and WAF.

It detects bad behaviors by analyzing log sources and HTTP requests, and allows active remediation thanks to the Remediation Components.

Detection rules are available on our hub under MIT license.

CrowdSec Community Blocklist

The "Community Blocklist" is a curated list of IP addresses identified as malicious by CrowdSec. The Security Engine proactively blocks the IP addresses of this blocklist, preventing malevolent IPs from reaching your systems.

Console - Monitoring & Automation of your security stack

Multiple Platforms support

Outnumbering hackers all together

By sharing the threats they face, all users protect each other (hence the name Crowd-Security). CrowdSec is designed for modern infrastructures, with its "Detect Here, Remedy There" approach, letting you analyze logs coming from several sources in one place and block threats at various levels (application, system, infrastructure) of your stack.

CrowdSec ships by default with scenarios (brute force, port scan, web scan, etc.) adapted for most contexts, but you can easily extend it by picking more of them from the HUB. It is also easy to adapt an existing one or create one yourself.

Installation

Follow our documentation to install CrowdSec in a few minutes on Linux, Windows, Docker, OpnSense, Kubernetes, and more.

Resources

  • Console: Supercharge your CrowdSec setup with visualization, management capabilities, extra blocklists and premium features.
  • Documentation: Learn how to exploit your CrowdSec setup to deter more attacks.
  • Discord: A question or a suggestion? This is the place.
  • Hub: Improve your stack protection, find the relevant remediation components for your infrastructure.
  • Public Roadmap: Vote for your favorite features and submit ideas to influence what we build next.
  • CrowdSec Academy: Learn and grow with our courses.
  • Corporate Website: For everything else.

Extension points: exported contracts, how you extend this code

DataSource (Interface)
DataSource is the common interface implemented by all acquisition modules. A DataSource can always be configured from Y [20 …
pkg/acquisition/types/types.go
Command (Interface)
Command represents an operation that can be performed on a CrowdSec hub item. Each concrete implementation defines a Pr [5 …
pkg/hubops/plan.go
BucketType (Interface)
(no doc) [5 implementers]
pkg/leakybucket/buckettype.go
Committer (Interface)
Committer is the interface that wraps the Commit method. [2 implementers]
pkg/database/ent/tx.go
IndexProvider (Interface)
IndexProvider retrieves and writes .index.json [1 implementers]
pkg/cwhub/download.go
RoundTripFunc (FuncType)
RoundTripFunc .
pkg/cticlient/client_test.go
ExtLogger (Interface)
ExtLogger is a common interface for logrus.Logger and logrus.Entry. Much like Ext1FieldLogger from logrus.go, it says no
pkg/logging/types.go
EnrichFunc (FuncType)
should be part of a package shared with enrich/geoip.go
pkg/parser/enrich.go

Core symbols: most depended-on inside this repo

Error
called by 279
pkg/database/ent/enttest/enttest.go
Run
called by 250
pkg/hubops/plan.go
String
called by 235
pkg/appsec/appsec.go
Len
called by 197
pkg/acquisition/modules/docker/tracker/tracker.go
SetField
called by 189
pkg/database/ent/mutation.go
Tracef
called by 177
pkg/logging/types.go
Query
called by 154
pkg/database/ent/tx.go
NewReader
called by 149
pkg/acquisition/modules/kafka/config.go

Shape

Method 5,369
Function 3,013
Struct 710
TypeAlias 88
FuncType 69
Interface 32
Class 1

Languages

Go 100%
Python 1%

Modules by API surface

pkg/database/ent/mutation.go · 1,015 symbols
pkg/database/ent/alert/where.go · 350 symbols
pkg/database/ent/client.go · 239 symbols
pkg/database/ent/machine/where.go · 213 symbols
pkg/database/ent/bouncer/where.go · 201 symbols
pkg/database/ent/decision/where.go · 194 symbols
pkg/database/ent/machine_create.go · 187 symbols
pkg/database/ent/bouncer_create.go · 159 symbols
pkg/database/ent/allowlistitem/where.go · 128 symbols
pkg/database/ent/machine_update.go · 105 symbols
pkg/database/ent/alert_create.go · 100 symbols
pkg/database/ent/decision_create.go · 90 symbols

Used by 1 indexed graphs manifest dependencies, hub-wide

Dependencies from manifests, versioned

ariga.io/atlas v1.1.0 · 1×
dario.cat/mergo v1.0.2 · 1×
entgo.io/ent v0.14.6 · 1×
filippo.io/edwards25519 v1.2.0 · 1×
github.com/AlecAivazis/survey/v2 v2.3.7 · 1×
github.com/Masterminds/goutils v1.1.1 · 1×
github.com/Masterminds/semver/v3 v3.5.0 · 1×
github.com/Masterminds/sprig/v3 v3.3.0 · 1×
github.com/Microsoft/go-winio v0.6.2 · 1×
github.com/agext/levenshtein v1.2.3 · 1×
github.com/alexliesenfeld/health v0.8.1 · 1×
github.com/apparentlymart/go-textseg/v15 v15.0.0 · 1×

Datastores touched

(mysql) Database · 1 repos

For agents

$ claude mcp add crowdsec \
  -- python -m otcore.mcp_server <graph>