Skip to content

Cyrenus is a high-performance eBPF-based network traffic monitoring and DDoS protection system, seamlessly integrated with Tetragon for runtime security.

License

Notifications You must be signed in to change notification settings

cyrenus-sec/cyrenus

Repository files navigation

Cyrenus

In the name of God, the Most Gracious, the Most Merciful

Cyrenus CE

Languages: English | العربية

Cyrenus is a high-performance eBPF-based network traffic monitoring and DDoS protection system, seamlessly integrated with Tetragon for runtime security.

Installation

Choose the installation method that best fits your needs:

Option 1: Quick Install (Binary) - Recommended

Run this command in your terminal to install Cyrenus instantly:

curl -fsSL https://raw.githubusercontent.com/cyrenus-sec/cyrenus/main/install-binary.sh | sudo bash

Fast installation using pre-built binaries. No compilation required!

Supported Architectures:

  • x86_64 (amd64)
  • ARM64 (aarch64)

Installation Time: ~30 seconds


Option 2: Build from Source

For development or customization, build from source:

sudo ./install.sh

This installs dependencies, builds Cyrenus, and configures everything automatically.

Supported Distributions:

  • Ubuntu/Debian
  • RHEL/CentOS/Fedora
  • Arch Linux

Installation Time: ~5-10 minutes


Option 3: Docker Container

Run Cyrenus in a container:

Build:

docker build -t cyrenus .

Run:

docker run -d --name cyrenus \
  --cap-add SYS_ADMIN \
  --cap-add NET_ADMIN \
  --network host \
  -v /sys/kernel/btf:/sys/kernel/btf:ro \
  cyrenus

Post-Installation

1. Configure Tetragon Policies

If you installed via install.sh or Docker, policies may already be applied. To apply manually:

# List active policies
sudo tetra tracingpolicy list

# Add policies
sudo tetra tracingpolicy add config/tetragon/policies/anti-rce.yaml
sudo tetra tracingpolicy add config/tetragon/policies/file-integrity.yaml

2. Verify Installation

Run the verification script to test security policies:

sudo bash tests/verify_policies.sh

Features

  • DDoS Protection: XDP-based packet filtering.
  • Tetragon Integration: Runtime security for Anti-RCE and process monitoring.
  • Web Dashboard: Real-time traffic analysis and control.

Documentation

See docs/ for architecture and API documentation.

License

MIT

About

Cyrenus is a high-performance eBPF-based network traffic monitoring and DDoS protection system, seamlessly integrated with Tetragon for runtime security.

Resources

License

Security policy

Stars

Watchers

Forks

Packages

 
 
 

Contributors