Stealthy Security Layer Detector (WAF/IDS/IPS/Fail2Ban)
Project description
is-it-safe 🛡️
Stealthy Security Layer Fingerprinting & Detection v5.0
is-it-safe is a modern, high-performance security utility designed to map and identify protective layers surrounding a target without triggering aggressive defense mechanisms. It provides deep visibility into infrastructure security by fingerprinting WAFs, IDS/IPS, and automated blocking systems.
Key Features
- 🛡️ WAF Fingerprinting: Identifies 10+ major WAF vendors (Cloudflare, Akamai, AWS, Imperva, etc.) via signature-based and behavioral analysis.
- 🕵️ Stealth-First Detection: Implements adaptive jitter, randomized headers, and low-signal request patterns to bypass basic rate-limiters and heuristics.
- 🚦 IDS/IPS Probing: Uses low-level TCP signals and HTTP response anomalies to detect deep packet inspection and network-level interception.
- 🚫 Fail2Ban Discovery: Safely identifies SSH tarpits, "honey-pots," and active ban policies through non-destructive authentication probing.
- 📊 Risk Scoring: Intelligent scoring system that evaluates detected security layers and provides a "Safe to Scan" recommendation.
- 🎨 Modern Interface: Built with
richfor professional, structured terminal output and high-visibility results. - 🤖 Automation Ready: Native JSON output mode for seamless integration into larger security pipelines.
Installation
The Modern Way (Recommended)
Use uv for the fastest experience:
# Run instantly without installing
uvx is-it-safe example.com
# Or install it
uv pip install is-it-safe
The Traditional Way
pip install is-it-safe
From Source
git clone https://github.com/your-username/is-it-safe.git
cd is-it-safe
pip install .
🛠 Usage
# Basic scan
is-it-safe example.com
# Verbose scan with stealth enabled
is-it-safe example.com --stealth --verbose
# Scan specific SSH port for Fail2Ban
sudo is-it-safe example.com --ssh-port 2222
# Output results as JSON
is-it-safe example.com --json > results.json
[!IMPORTANT] Some IDS/IPS detection features require root privileges for raw socket access.
📜 License
This project is licensed under the MIT License - see the LICENSE file for details.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file is_it_safe-5.1.0.tar.gz.
File metadata
- Download URL: is_it_safe-5.1.0.tar.gz
- Upload date:
- Size: 15.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.5.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
611ab802378f7629693c75b47b423ac49436685da902b9fef4dad32d52d6b840
|
|
| MD5 |
76c4d34dc2f35203872eb7659ec19252
|
|
| BLAKE2b-256 |
bd83486c6910eac8a5f65d53a930e5d190ebd0914efe168303465c8ce66c0c3d
|
File details
Details for the file is_it_safe-5.1.0-py3-none-any.whl.
File metadata
- Download URL: is_it_safe-5.1.0-py3-none-any.whl
- Upload date:
- Size: 15.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.5.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c17daa534757180c9e1e128d75e71fe6e8d491cf67bfb13f106533ac74a82f6c
|
|
| MD5 |
d780c9ffdc28e21429d46bf16bf7a970
|
|
| BLAKE2b-256 |
2dc2d2173b0c9039c76e7ba3662560280d29a9a9ff2ede0cde2a823bfb3d63c7
|
