X4V1ER Firewall is a Python-based network security tool designed to monitor and intercept malicious traffic in real-time. It features both a command-line interface (CLI) and a graphical user interface (GUI), offering automated attack detection, reporting, and IP blocking capabilities.
- Real-time traffic monitoring
- Detection of:
- Port scanning
- Brute-force attempts
- Rate-limiting violations
- SQL injection (SQLi)
- Cross-site scripting (XSS)
- SYN flood attacks
- Automatic threat blocking with firewall rules
- HTML report generation
- Email alerting (Gmail/Outlook/Hotmail)
- Export to CSV/JSON
- GUI dashboard for IP management
git clone https://github.com/DR4X-c0d3r/x4v1er.git \
cd x4v1er/
- Python 3.x
- Root/admin privileges
- Linux or Windows
- Required libraries:
pip install scapy colorama tkinter # If you get any error, check if you already installed pip then create virtual env with python
# create python env
python3 -m env firewall-env
# reinstall libraries
pip install -r requirements; sudo apt install python3-tk #for tkinter
sudo apt install scapy sudo cp firewall.py /usr/bin/x4v1er \
chmod +x /usr/bin/x4v1er \
sudo x4v1er -v #version of x4v1er and required root userCreate a config.json file:
{
"sender_email": "[email protected]",
"sender_password": "your_app_password"
}Use an App Password if using Gmail with 2FA.
sudo python3 firewall.py -d 192.168.1.1 -at -st [email protected]sudo python3 firewall.py -d 192.168.1.1 -g| Option | Description |
|---|---|
-d, --destination_ip |
IP to protect |
-e, --exclude |
Comma-separated trusted IPs |
-rt, --rate_threshold |
Max requests per 10s (default: 5) |
-pt, --port_threshold |
Max port attempts (default: 5) |
-ft, --fail_threshold |
Max failed logins (default: 5) |
-sw, --scan_window |
Time window for port scan (default: 60s) |
-at, --auto-block |
Auto block threats |
-g, --gui |
Launch GUI |
-i, --iface |
Network interface |
-ex, --export |
Export attack data to CSV |
-js, --json-export |
Export attack data to JSON |
-st, --send-to |
Email report to address |
--mode |
Detection sensitivity: default/aggressive/realistic |
-v, --version |
Print version |
-h, --help |
Show help |
- Rate Limiting β N requests per 10 seconds from a single IP
- Port Scanning β Multiple ports scanned in short time
- Brute Force β Excessive failed login attempts (RST packets)
- SYN Flood β SYN packets > 10/sec
- SQL Injection β Payload with suspicious SQL keywords
- XSS β Malicious HTML/script tags in packet data
firewall.py: Core logic for packet processing, attack detection, and GUIconfig.json: Email configurationblocked_ips.txt: Persistent list of blocked IPsreports/: Stores HTML threat reports
- Uses
smtplibandemail.mime - Supported: Gmail, Outlook, Hotmail
- Suspicious IP list
- Manual and auto-block toggle
- Export reports
- Whitelist management
- Event log display
- Run with root or admin privileges
- Use app passwords for Gmail security
HTML file includes:
- IP address
- Reason for block
- Timestamp
- Activity summary
- IPv6 support
- Remote dashboards
- Blacklist integration
- ML-based detection
Please If Any Problem Happend Tell Me In The Server Channel => https://discord.gg/Hunt3rs
YouTube => https://youtube.com/fr4nc0x1
TryHackMe => https://tryhackme.com/p/DR4X
That's It For Now And I Hope This Tool Makes Your Day Awesome, Remember With Great Power Comes Great Responsibility!