Awesome
Hi! 👋
Welcome to Netryx (pronounced 'netriks'), advanced java security framework lead by exploit.org group. It was created to help developers make their web applications more secure and effective against various threats.
It is modular security framework that is designed to integrate to as many applications, as possible:
Notes
- Continual Evolution: Keep up with regular updates as Netryx improves daily.
- Code Quality & Contribution: We follow strict code quality standards. Join us in our dedication to excellent security.
- Holistic Security Approach: Security is a continuous journey. Netryx is an important part, but it fits into a broader security strategy.
- Community-Driven Development: We believe in "Building Security Together". Your feedback and contributions are essential.
Netryx Modules
Armor
Armor is a backbone module of Netryx.
Brief overview:
- ReDoS Protected Input Validators based on rules
- Secure Memory Allocation for sensitive data storage and obfuscation
- JS, HTML, LDAP and CMD Encoders to protect from various injection attacks
- Centralized security event scope
Additional features:
- TLS Packet Parsing Engine - Base for TLS packet inspection
- Akamai HTTP/2, JA3, JA4, JA4H Fingerprinting Base - Fingerprint generation utilities
See Netryx Armor for all details.
Pipeline
Secure By Default
Reactive security pipeline based for Netty based servers, that uses Armor as a backbone.
Brief overview:
- HTTP/2 0day RST Flood Protection
- HTTP Flood Protection
- IP Whitelisting/Blacklisting
- Security Policy Management
- Intrusion Detection System (IDS)
- JA3, JA4, JA4H, HTTP/2 Fingerprinting
Currently supported Netty server pipelines:
- Reactor Netty Provider stands for all Reactor Netty based servers and frameworks support (like Spring Boot Reactive)
See Netryx Armor Pipeline for all details.
WAF
Secure By Default
Under Active Development
Advanced Web Application Firewall for Netty based servers, that uses Armor Pipeline's backend.
Brief overview:
- Passive Injection protection (SQL, XSS, LDAP, CMD, etc)
- Passive Path Traversal protection
- Malicious client detection using JA3, JA4, JA4H, and HTTP/2 fingeprints
- Flexible Rule Management System
Check road map here: Netryx WAF
Machine Learning Core
Under Active Development
Lightweight Machine Learning library for learning and running models in an intensive environment. Utilized in Netryx WAF for mitigating threats.
Implements following algorithms:
- Linear Regression
- Logistic Regression
- kNN
- Kernel SVM
- Naive Bayes
- Decision Trees
- Random Forest
- Gradient Boosting
See Netryx ML for all details.
Memory
Netryx Memory manages sensitive data securely in memory using Java native interface for UNIX systems.
Brief overview:
- Unswappable memory allocation
- Memory obfuscation
- Memory regions with protection from unauthorized READ/WRITE/EXEC
For further information, see Netryx Memory.
Events
Zero dependency event manager designed for building even-based applications. Used by Netryx WAF for Security Events management.
Check it here: Netryx Events
Education materials
Find articles here: OWASP Path To Secure Software series
Contact
For security concerns or to discuss potential features that you'd prefer not to disclose publicly, please reach out to us at: security@exploit.org
.
For general inquiries or to engage in discussions on various topics, join our Telegram channel and chat at: @exploitorg.