π‘οΈ A Family of Protectors Building the Future of Collective Defense π‘οΈ
Enterprise-grade AI security on a $75 Raspberry Pi. No vendor lock-in. No black boxes. No BS.
β‘ Quick Start β’ π Our Manifesto β’ π€ Join The Family β’ π οΈ Contribute
"In a world where attackers share everything, defenders must too."
The security industry is broken. Enterprise protection costs $50,000/year. Small businesses get ransomed. Individuals are left defenseless. Meanwhile, the bad guys collaborate in forums and marketplaces while the good guys fight alone.
We're building the resistance.
HookProbe is a decentralized security mesh where every node protects every other node. When a Guardian in Tokyo blocks a zero-day, a Sentinel in SΓ£o Paulo is protected in seconds. When a Fortress in Berlin identifies ransomware, the entire mesh learns instantly.
β Star this repo if you believe security should be accessible to everyone. Stars help others discover protection.
| The Problem | Our Answer |
|---|---|
| π° Security costs $50K+/year | $75 hardware, $0 software |
| π Black-box algorithms | Every decision is explainable |
| π’ Enterprise-only protection | Same AI for everyone |
| π€ Vendors own your data | Your data never leaves your edge |
| π° Constant manual work | Set it and forget it |
| π Fighting alone | Collective mesh defense |
Transparency creates trust. Trust enables achievement.
HookProbe is built on a simple belief: security technology should empower people, not create dependency. When you can see exactly how your protection works, audit every line of code, and understand every decision the system makes, you're free to focus on what matters - building, creating, and achieving more.
We reject the security industry's black-box approach. Our code is open. Our algorithms are documented. Our data handling is verifiable. When one HookProbe node anywhere in the world detects a threat, every node learns instantly - without anyone's private data ever leaving their control.
This is security that works for you, not security that works on you.
| Black-Box Security | HookProbe (Transparent) |
|---|---|
| "Trust us, we're protecting you" | Audit the code yourself |
| Your data sent to vendor clouds | Your data never leaves your edge |
| Opaque threat scoring | See exactly why decisions are made |
| Vendor lock-in | Open standards, your choice |
| Security creates dependency | Security enables independence |
| Complex interfaces hide complexity | Simple interfaces, documented complexity |
The difference: Black boxes ask for trust. Transparency earns it.
Traditional security demands constant attention - alerts to investigate, logs to review, updates to manage. HookProbe handles this automatically so you can focus on your actual work.
- Automated threat response - No manual investigation needed
- Self-learning baselines - Adapts to your environment
- Collective intelligence - Benefits from global threat detection without effort
Enterprise security typically requires dedicated teams. HookProbe brings the same protection to anyone, regardless of technical background.
# That's it. You're protected.
./install.sh --tier guardianFrom a single Raspberry Pi to a global mesh of thousands of nodes - same technology, same transparency, scaling to your needs.
| Your Situation | Solution | Investment |
|---|---|---|
| Home network | Guardian | $75 hardware, $0 software |
| Small business | Fortress | $200 hardware, $0 software |
| Growing company | Nexus | $2000 hardware, $0 software |
| Enterprise/MSSP | Custom | Contact us |
Every security decision, every threat detection, every response action - it's all yours. Export it. Analyze it. Verify it. No vendor has access unless you grant it.
HookProbe's most powerful feature isn't code - it's community.
Node A (Singapore) Detects zero-day attack
β
βΌ
Mesh Intelligence Validates pattern, creates signature
β
ββββββββββββββββββββββββββββββββββββββββ
βΌ βΌ
Node B (London) Node C (New York) Node D (Berlin)
Protected in <30s Protected in <30s Protected in <30s
How it works:
- Detection - Any node detects a new threat pattern
- Validation - Mesh consensus confirms it's legitimate
- Distribution - Anonymized signature shared instantly
- Protection - All nodes block the threat
What we never share:
- Your raw traffic data
- Your IP addresses
- Your internal network details
- Any personally identifiable information
What we share:
- Anonymized threat signatures
- Attack patterns (source removed)
- Model weight updates (federated learning)
This is collective defense that respects individual privacy.
HookProbe's core innovation is the integrated security stack that provides end-to-end protection from detection to response to mesh propagation.
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β HTP-DSM-NEURO-QSECBIT-NSE SECURITY STACK β
β "One node's detection β Everyone's protection" β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β βββββββββββββββ βββββββββββββββ βββββββββββββββ βββββββββββββββ β
β β HTP βββββΆβ DSM βββββΆβ NEURO βββββΆβ QSECBIT β β
β β Transport β β Consensus β β Resonance β β Scoring β β
β βββββββββββββββ βββββββββββββββ βββββββββββββββ βββββββββββββββ β
β β β β β β
β ββββββββββββββββββββ΄βββββββββββββββββββ΄βββββββββββββββββββ β
β β β
β ββββββββΌβββββββ β
β β NSE β β
β β Encryption β β
β β (Neural AI) β β
β βββββββββββββββ β
β β
β "Nobody knows the key - the AI communicates via neural synapses" β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
| Component | Purpose | Innovation |
|---|---|---|
| HTP | HookProbe Transport Protocol | Post-quantum Kyber KEM, keyless authentication |
| DSM | Decentralized Security Mesh | Byzantine fault-tolerant consensus, 2/3 quorum |
| NEURO | Neural Resonance Protocol | Device fingerprinting via weight evolution |
| QSECBIT | Quantified Security Metric | Real-time RAG scoring (GREEN/AMBER/RED) |
| NSE | Neural Synaptic Encryption | Keys emerge from neural state - nobody knows the password |
Traditional encryption requires sharing secrets. NSE eliminates this:
Traditional: "Do you know the password?"
NSE: "Can your neural state produce the matching key?"
Keys are DERIVED from:
βββ Neural weight state (unique per device)
βββ Resonance Drift Vector (temporal)
βββ Qsecbit score (security context)
βββ Collective entropy (mesh participation)
Result: Encryption where nobody knows the key
When an attack is detected, the entire stack activates:
1. DETECTION β Qsecbit identifies threat (L2-L7)
2. SCORING β RAG status calculated (GREEN/AMBER/RED)
3. RESPONSE β XDP/eBPF blocks at kernel level
4. PROPAGATION β Mesh consciousness spreads intelligence
5. CONSENSUS β DSM validates across validator network
6. PROTECTION β All nodes protected in <30 seconds
HookProbe includes AI vs AI testing - our Red Team AI attacks the stack while our Blue Team AI defends:
- 9 Attack Vectors: TER replay, timing, entropy poisoning, weight prediction, etc.
- CVSS Scoring: Vulnerability severity from 0.0-10.0
- Automated Mitigations: AI-suggested code-level fixes
- Designer Alerts: Multi-channel notifications for critical findings
"Know your vulnerabilities before someone else does"
Every component is documented. Every algorithm is explained. Nothing is hidden.
Traditional security: "This is bad" (trust us) HookProbe: "This scores 0.72 because drift=0.25, attack_probability=0.85, decay=0.12"
# The actual formula - no secrets
Qsecbit = α·drift + β·p_attack + γ·decay + δ·q_drift + Ρ·energy_anomaly
# You can verify every calculation
# See: core/qsecbit/qsecbit.py| Score | Status | What Happens | Why |
|---|---|---|---|
| < 0.45 | GREEN | Learning mode | System behavior normal |
| 0.45-0.70 | AMBER | Mitigation starts | Anomalies detected, investigating |
| > 0.70 | RED | Full defense | Confirmed threat, blocking |
Not just "blocked" - but why it was blocked:
Domain: suspicious-tracker.com
Decision: BLOCKED
Confidence: 92%
Reason: High entropy (4.2), matches tracking pattern, CNAME resolves to known tracker
Category: ADVERTISING_TRACKER
Every block is explainable. Every decision is auditable.
Post-quantum cryptography you can inspect:
- Kyber KEM - NIST-approved, implementation viewable
- ChaCha20-Poly1305 - Standard authenticated encryption
- Entropy-based authentication - Novel but documented
DDoS mitigation at the kernel level, but you can see exactly what rules are applied:
# View active XDP rules
./hookprobe-ctl xdp show
# Understand every decision
./hookprobe-ctl xdp explain --ip 192.168.1.100Achieve: Secure home network without becoming a security expert Transparency benefit: Know exactly what's being blocked and why Time saved: Set and forget - system learns your patterns
Achieve: Enterprise-grade protection without enterprise costs Transparency benefit: Audit-ready logs, explainable decisions Time saved: No dedicated security team needed
Achieve: Security that integrates with your workflow Transparency benefit: Full API access, source code available Time saved: Automated responses, scriptable interfaces
Achieve: Offer premium security services at scale Transparency benefit: Show clients exactly how they're protected Time saved: Centralized management, automated operations
Transparency isn't just about code - it's about visibility.
Cortex is a real-time 3D visualization of your entire defense network. Watch threats arrive from across the world and see them blocked in real-time.
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β HOOKPROBE CORTEX β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β ββ
β β ⬑ Nexus (ML/AI) Attack Arc β ββ
β β β β ββ
β β ⬑ Guardian ββββββ Mesh ββββββ ⬑ Fortress ββ
β β β β ββ
β β ⬑ Sentinel (IoT) β Repelled Arc ββ
β β ββ
β β [NODES: 1,247] [ATTACKS: 89] [REPELLED: 89] [QSECBIT] ββ
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Real-time 3D globe with attack trajectories β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Not a dashboard about your security. A window into your security.
# First-time setup (fresh Raspberry Pi)
sudo apt update && sudo apt install -y git
# Clone and install
git clone https://github.com/hookprobe/hookprobe.git
cd hookprobe
sudo ./install.sh --tier guardian # π Home/Prosumer ($75 RPi, 1.5GB RAM)
# Other tiers available:
# sudo ./install.sh --tier fortress # π’ Business ($200 Mini PC, 4GB RAM)
# sudo ./install.sh --tier nexus # ποΈ Enterprise ($2000 Server, 16GB+ RAM)That's it! The install script handles everything else automatically:
- System packages (hostapd, dnsmasq, suricata, etc.)
- Python dependencies
- Locale and WiFi country configuration
- Network interface setup
- Service configuration
β±οΈ Time to protection: ~5 minutes π Ongoing maintenance: Automatic π° Software cost: $0
The majority of HookProbe is open source under AGPL v3.0:
- Deployment scripts and configuration
- Guardian product tier
- Mesh communication layer
- Threat response modules
- All documentation
- Cortex visualization
Our proprietary components (Qsecbit algorithm, Neural Resonance protocol, dnsXai classifier) are clearly documented. You can understand what they do and why - the implementation is protected, but the purpose is transparent.
We didn't add privacy as an afterthought. The architecture ensures:
- Raw data never leaves your edge
- Only anonymized signatures are shared
- You control what participates in the mesh
- Compliance (GDPR, NIS2) is built-in
- Public roadmap
- Open issue tracking
- Community contributions welcome
- Regular security audits
Licensing Details | Contributing Guide
hookprobe/
βββ core/ # Core Intelligence (documented)
β βββ htp/ # Transport Protocol (open source)
β βββ qsecbit/ # AI Threat Scoring (documented, proprietary)
β βββ neuro/ # Neural Authentication (documented, proprietary)
β
βββ shared/ # Shared Modules
β βββ dnsXai/ # AI DNS Protection (documented, proprietary)
β βββ mesh/ # Collective Defense (open source)
β βββ dsm/ # Decentralized Security (documented, proprietary)
β βββ response/ # Automated Response (open source)
β βββ cortex/ # 3D Visualization (open source)
β
βββ products/ # Deployment Tiers (mostly open source)
β βββ guardian/ # Home/Prosumer
β βββ fortress/ # Business
β βββ nexus/ # Enterprise
β βββ mssp/ # Service Provider (proprietary)
β
βββ deploy/ # Deployment Scripts (open source)
Every directory has documentation. Every module has a README.
| Resource | Description |
|---|---|
| Installation Guide | Get started in 5 minutes |
| Architecture Overview | Understand the system |
| Qsecbit Documentation | How threat scoring works |
| Mesh Architecture | Collective defense explained |
| Cortex Visualization | See your security |
| API Reference | Integrate and extend |
| GDPR Compliance | Privacy documentation |
| Security Policy | Report vulnerabilities |
We don't ask you to trust us. We give you the tools to verify.
- Every threat decision is explainable
- Every line of defense code is auditable
- Every piece of your data stays under your control
- Every node in the mesh strengthens everyone
This is what security looks like when transparency comes first.
HookProbe isn't a product. It's a movement. A family of people who believe that security is a right, not a privilege.
| Action | Impact |
|---|---|
| β Star this repo | Help others discover protection |
| π§ Deploy HookProbe | Strengthen the mesh for everyone |
| π Find vulnerabilities | Make the stack stronger |
| π Contribute code/docs | Build the future together |
| π’ Share the project | Spread the word |
- π We share knowledge freely - No paywalls on protection
- π€ We help each other - Stuck? Ask. Know something? Teach.
- π οΈ We build together - Your contribution makes everyone stronger
- π‘οΈ We protect each other - One node's detection β Everyone's protection
Read our Manifesto to understand what we're building and why.
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β
β We're not building a product. β
β We're building a MOVEMENT. β
β β
β A world where: β
β β’ A grandmother in rural India has the same protection as a bank in NYC β
β β’ A small business in Nigeria can't be ransomed β
β β’ A journalist in a dangerous country has unbreakable encryption β
β β’ A hospital never has to choose between ransom and saving lives β
β β
β This is possible. β
β This is what we're building. β
β This is HookProbe. β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
HookProbe v5.1 "Neural"
One Node's Detection β Everyone's Protection
The HTP-DSM-NEURO-QSECBIT-NSE Security Stack
π‘οΈ Join the family. Protect each other. Achieve more. π‘οΈ
β‘ Get Started Β· π Read The Manifesto Β· π οΈ Contribute Β· π¬ Community
"In a world where attackers share everything, defenders must too."