Intrusion Detection-Prevention System Testing Framework

Pytbull is a python based flexible Intrusion Detection/Prevention System (IDS/IPS) Testing Framework for Snort, Suricata and any IDS/IPS that generates an alert file. It can be used to test the detection and blocking capabilities of an IDS/IPS and to validate config.

The only way to ensure your IDS/IPS detects and blocks unwanted traffic is to test it with specific payloads and tools.

Pytbull is shipped with more than 300 tests, grouped in 9 modules, covering a large scope of attacks (clientSideAttacks, testRules, badTraffic, fragmentedPackets, multipleFailedLogins, evasionTechniques, shellCodes, denialOfService, pcapReplay).

* A large coverage (about 300 tests)
* A comprehensive interface (CLI + GUI)
* Adaptability (fits to different architectures and IDS/IPS)
* Flexibility (you can easily add your own tests)

Download from sourceforge.

Source code
Download from sourceforge.