D4 Project

D4 Project

A large-scale distributed sensor network to monitor DDoS and other malicious activities relying on an open and collaborative project.

Featured

Online services

All Stories

Plum: knowing and monitoring your perimeter

Plum, for Proactive Land Uncovering & Monitoring, is an orchestration tool to learn, monitor, and document an exposure surface. It coordinates work between scanning agents, keeps historical results, and makes...

29 Apr 2026

Learning from large-scale IPv4 blackhole: Behavioral analysis of SNMP traffic

Behavioral Analysis of SNMP traffic

27 Nov 2025

NGSOTI – Architecture Overview

NGSOTI – Architecture Overview

19 Sep 2025

Training Experience in NGSOTI Project

Our Experience and Key Takeaways from Trainings within the NGSOTI EU Funded Project

19 Jun 2025
Enhancing Detection Engineering with Automated Malware Sandboxing

Enhancing Detection Engineering with Automated Malware Sandboxing

Enhancing Detection Engineering with Automated Malware Sandboxing

02 Oct 2024
Version Fingerprinting Tricks: Automating Software Identification for Vulnerability Scanners

Version Fingerprinting Tricks: Automating Software Identification for Vulnerability Scanners

Version Fingerprinting Tricks: Automating Software Identification for Vulnerability Scanners

02 Jul 2024
Publishing open data in the cyber security field

Publishing open data in the cyber security field

Publishing open data in the cyber security field

04 Oct 2021
Monitoring botnets that use Tor proxies

Monitoring botnets that use Tor proxies

Tor is an onion routing protocol that can used to protect users’ anonymity and circumvent censorship. Tor allows for the hosting of hidden-services that are services only accessible through Tor....

20 Apr 2021
d4-goclient v0.4 released

d4-goclient v0.4 released

Table of Contents

28 Apr 2020
Analyzing TCP port scan

Analyzing TCP port scan

A few years ago, the Mirai botnet was talked about because it caused a few major DDoS attacks around August 2016. The author later released the source code on hackforums...

Alexis Lecocq Alexis Lecocq
06 Mar 2020
Observing ssh failed login attempts

Observing ssh failed login attempts

Table of Contents

12 Feb 2020
Building a distributed Maltrail sensor network using D4

Building a distributed Maltrail sensor network using D4

Table of Contents

25 Sep 2019

"In any case, I would argue that absolute measures are not the goal in cybersecurity, that relative measures are sufficient for the simple fact that relative measures -- like is such and such risk getting worse -- are sufficient for decision support. This has parallels in the physical world; no police department will ever know how much heroin is for sale, but they can tell the price, and a rising or falling price is sufficient for decision making about what to do and whether what was already done had a positive effect."

Dan Geer in talk 7th October 2015

Connect with Us