Hookprobe

HookProbe is an open-source AI-native intrusion detection system (IDS/IPS) that runs on Raspberry Pi and edge devices. It combines eBPF/XDP kernel-level packet filtering with machine learning threat classification to deliver autonomous network security with zero cloud dependency.                                                                                           
                                                                                                                                 
The stack includes NAPSE (AI packet inspection), HYDRA (threat intelligence pipeline), SENTINEL (ML classification engine), and AEGIS (autonomous defense orchestrator). In production, a single Raspberry Pi 5 processes 11M+ security events, classifies 177K ML verdicts, and tracks 11,800+ attacker IPs — all autonomously.

  Key features:
  - 5-minute install on Raspberry Pi 5 or any Linux device
  - eBPF/XDP wire-speed packet filtering and DDoS mitigation
  - ML-based threat classification (benign/suspicious/malicious
  - Real-time QSecBit security posture scoring
  - Web dashboard with live threat visualization
  - Post-quantum cryptography (Kyber KEM)
  - Collective mesh defense across nodes

Three tiers: Guardian ($75 RPi), Fortress ($200 mini PC), Nexus (server). Software is free forever under AGPL v3.0. Built in Python, Zig, C, and Mojo. 

 

  https://hookprobe.com | https://github.com/hookprobe/hookprobe