
maltrail
Malicious traffic detection system
The Lens
Maltrail watches network traffic for connections to known malicious destinations. It pulls public threat feeds (known C2 servers, malware domains, abuse lists) and alerts when a host on your network talks to one of them. Free, MIT-licensed.
Setup is moderate. You point it at a network interface or feed it aggregated traffic from your firewall, and let it analyze passively. The web UI shows alerts grouped by severity. Tune the feeds for your environment because public lists generate false positives, especially around shared CDN ranges.
For homelabs, small SOCs, and security-conscious dev teams, this is a real tool. It's not a full IDS; Suricata or Zeek do deeper packet inspection. But it answers the simple question: is anything on my network calling out to a known bad place? That's useful even if you also run something heavier.
The catch is that it only catches what's already on a public blacklist. Targeted attacks using fresh infrastructure won't trip it. Treat it as one signal in a layered defense, not the whole defense.
Free vs Self-Hosted vs Paid
**Free (self-hosted):** All features. MIT license, no paid tier, no commercial entity behind it. The threat feeds it pulls from are also free public sources.
**Self-hosted reality:** Modest. A small VPS or homelab server can handle a typical home or small office network. Larger networks need to feed it pre-aggregated flow data rather than raw packet capture. Tuning the feeds and tagging false positives is the ongoing work.
**No paid tier:** No managed hosting, no enterprise version. If you need a managed service, look at commercial DNS filtering (Cloudflare Gateway, Cisco Umbrella).
Completely free. The work is in setup, tuning, and triage, not licensing.
License: MIT License
Use freely, including commercial. Just keep the license.
Commercial use: ✓ Yes
About
- Owner: Miroslav Stampar (User)
- Stars: 8,428
- Forks: 1,254