Inner Warden | Your Server Defends Itself


Source-available · Rust · Safe by default

Autonomous security agent for Linux. 38 eBPF kernel hooks, 48 detectors, 23 cross-layer correlation rules. Detects attacks from firmware to userspace. Responds automatically. Rust.



How it works

Five stages. Zero overhead.

Why you need this

Attacks don't wait. Your defense shouldn't either.

Threats are constant

SSH brute-force, port scans, web scanners, credential stuffing. Every public server gets hit. Most operators discover this only after something goes wrong.

Detect, score, block. Automatically.

Inner Warden watches your logs in real time. Every threat gets an AI-scored confidence level. Above your threshold? Firewall rule added. Telegram alert sent.

You stay in control

Dry-run by default. Full audit trail. Every decision logged. Approve or deny actions from Telegram. Go live only when you trust the decisions.

See it in action

It's 2 AM. Someone brute-forces your SSH. You're asleep.

Here's what Inner Warden does while you sleep.

1. Threat contained. 4 seconds.

8 failed SSH logins in 300 seconds from 203.0.113.42. Inner Warden catches the pattern, AI confirms brute-force with 0.90 confidence. Firewall deny rule added via ufw. Your phone buzzes with the Telegram alert.
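The "8 failed logins in 300 seconds" pattern above is a sliding-window count per source address, followed by a policy gate (confidence threshold, dry-run versus live). The Python below is an added illustration written for this page, not Inner Warden's code: the sshd log excerpt is constructed (RFC 5737 test addresses), the year pinned while parsing is an assumption (syslog lines carry none), and `policy_action` takes the confidence as a parameter in place of the AI scoring the page describes.

```python
import re
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Deque, Dict, List, Optional

# Constructed sshd journal excerpt (not real traffic). 203.0.113.42 fails eight
# times inside 300 s; 198.51.100.7 mistypes a password twice and then logs in
# with a key; 192.0.2.9 fails twice, twenty minutes apart.
SAMPLE_LOG = """\
Mar  3 01:50:12 web1 sshd[3990]: Failed password for git from 192.0.2.9 port 60000 ssh2
Mar  3 02:00:01 web1 sshd[4101]: Failed password for root from 203.0.113.42 port 51000 ssh2
Mar  3 02:00:03 web1 sshd[4102]: Failed password for invalid user admin from 203.0.113.42 port 51001 ssh2
Mar  3 02:00:04 web1 sshd[4103]: Failed password for deploy from 198.51.100.7 port 40000 ssh2
Mar  3 02:00:06 web1 sshd[4104]: Failed password for invalid user test from 203.0.113.42 port 51002 ssh2
Mar  3 02:00:09 web1 sshd[4105]: Failed password for root from 203.0.113.42 port 51003 ssh2
Mar  3 02:00:10 web1 sshd[4106]: Failed password for deploy from 198.51.100.7 port 40001 ssh2
Mar  3 02:00:11 web1 sshd[4106]: Accepted publickey for deploy from 198.51.100.7 port 40002 ssh2
Mar  3 02:00:14 web1 sshd[4107]: Failed password for invalid user ubuntu from 203.0.113.42 port 51004 ssh2
Mar  3 02:00:20 web1 sshd[4108]: Failed password for root from 203.0.113.42 port 51005 ssh2
Mar  3 02:00:27 web1 sshd[4109]: Failed password for invalid user pi from 203.0.113.42 port 51006 ssh2
Mar  3 02:00:35 web1 sshd[4110]: Failed password for root from 203.0.113.42 port 51007 ssh2
Mar  3 02:10:40 web1 sshd[4111]: Failed password for git from 192.0.2.9 port 60001 ssh2
"""

FAILED_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port"
)


def parse_ts(ts: str, year: int = 2025) -> float:
    """Syslog timestamps carry no year; the demo pins one (assumption) and treats them as UTC."""
    return datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S").replace(tzinfo=timezone.utc).timestamp()


@dataclass
class Incident:
    ip: str
    failures: int
    window_s: int
    first_seen: float
    last_seen: float


class BruteForceDetector:
    """Sliding-window counter: alert once an IP reaches `threshold` failures within `window_s`."""

    def __init__(self, threshold: int = 8, window_s: int = 300):
        self.threshold, self.window_s = threshold, window_s
        self._seen: Dict[str, Deque[float]] = defaultdict(deque)
        self._alerted: set = set()

    def observe(self, ip: str, ts: float) -> Optional[Incident]:
        q = self._seen[ip]
        q.append(ts)
        while q and ts - q[0] > self.window_s:   # drop failures older than the window
            q.popleft()
        if len(q) >= self.threshold and ip not in self._alerted:
            self._alerted.add(ip)                 # one incident per IP, not one per extra failure
            return Incident(ip, len(q), self.window_s, q[0], ts)
        return None


def scan_log(text: str, detector: Optional[BruteForceDetector] = None) -> List[Incident]:
    detector = detector or BruteForceDetector()
    incidents: List[Incident] = []
    for line in text.splitlines():
        m = FAILED_RE.match(line)
        if m:
            inc = detector.observe(m["ip"], parse_ts(m["ts"]))
            if inc:
                incidents.append(inc)
    return incidents


def policy_action(inc: Incident, confidence: float, threshold: float = 0.8, live: bool = False) -> str:
    """Policy gate: the confidence (a stand-in for the AI score on the page) must clear the
    operator's threshold, and nothing is enforced unless live mode is on (dry-run by default)."""
    if confidence < threshold:
        return f"observe {inc.ip} (confidence {confidence:.2f} below {threshold:.2f})"
    return f"{'block' if live else 'dry-run: would block'} {inc.ip}"


if __name__ == "__main__":
    for inc in scan_log(SAMPLE_LOG):
        print(inc, "->", policy_action(inc, confidence=0.90))
```

The detector fires once per address when the eighth failure lands inside the window; the two benign addresses never reach it, and the policy gate keeps the block hypothetical until live mode is switched on.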

2. Honeypot traps the attacker.

A different IP tries the same trick. This time they hit the honeypot. Fake SSH session, real capture. Every credential and command logged. Session ends, IP blocked, transcript saved.

Blocked IPs are reported to AbuseIPDB and pushed to Cloudflare WAF. Your defense protects others too.

Beyond log analysis

Other tools detect and alert. Inner Warden blocks inside the kernel.

22 eBPF programs run inside the Linux kernel. They see every syscall, every process, every connection. When an attacker builds a reverse shell, the kernel itself denies the final execve. No userspace delay. No evasion possible.

38 kernel hooks

execve, connect, ptrace, setuid, bind, mount, memfd_create, mprotect, clone, and 13 more. Every security-relevant syscall monitored.

Kill chain detection

7 attack patterns tracked per-PID: reverse shell, bind shell, code injection, shellcode execution, and 3 zero-day exploit patterns. Blocked at execve. The attacker never gets a shell.

LSM enforcement

Hooks into Linux Security Modules, the same framework SELinux and AppArmor use. Blocks execution from /tmp and /dev/shm. Policy-gated, fail-open by default.

XDP wire-speed blocking

Malicious IPs are dropped at the network driver level before reaching the kernel stack. 10 million+ packets per second. Zero CPU overhead.

Kernel-level noise filters

137 safe processes allowlisted in BPF maps. Package managers, compilers, system daemons. Filtered before events reach userspace. Zero false positives from known-good software.

Zero-day detection

No signatures. No CVE database. Attack patterns are detected by syscall sequence: mprotect(RWX) + dup2(stdin) + execve = blocked. Works against exploits that don't exist yet.
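The sequence rule above (mprotect(RWX) + dup2 onto stdin + execve) is a per-PID state machine: each syscall sets a flag, and the decision is made at execve. As an added example, not the project's eBPF programs, here is that logic in userspace Python over a constructed syscall trace; the chain names, the flag grouping and the allowlisted process names are this example's assumptions, not Inner Warden's rule table. It also shows the caveat that makes a kernel-level allowlist necessary: an inetd-style daemon that hands an accepted socket to a child looks, syscall for syscall, like a bind shell.

```python
from collections import defaultdict
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

PROT_WRITE, PROT_EXEC = 0x2, 0x4   # Linux mprotect(2) flag values

# Per-PID behaviours a chain needs before the execve is denied (this example's own grouping).
KILL_CHAINS: Dict[str, Set[str]] = {
    "shellcode-exec": {"rwx_memory", "stdio_to_socket"},
    "reverse-shell":  {"outbound_connect", "stdio_to_socket"},
    "bind-shell":     {"listening_socket", "stdio_to_socket"},
}

# Stand-in for the kernel-side allowlist of known-good programs (assumed names).
ALLOWLISTED_COMMS = {"xinetd", "systemd"}


@dataclass
class PidState:
    comm: str = "?"
    flags: Set[str] = field(default_factory=set)
    socket_fds: Set[int] = field(default_factory=set)


class KillChainTracker:
    def __init__(self, allowlist: Set[str] = ALLOWLISTED_COMMS):
        self.allowlist = allowlist
        self.state: Dict[int, PidState] = defaultdict(PidState)

    def observe(self, ev: dict) -> Optional[Tuple[str, Optional[str]]]:
        """Feed one syscall event; returns a verdict only for execve, None otherwise."""
        st = self.state[ev["pid"]]
        st.comm = ev.get("comm", st.comm)
        name, a = ev["syscall"], ev.get("args", {})
        if name == "mprotect" and a["prot"] & PROT_WRITE and a["prot"] & PROT_EXEC:
            st.flags.add("rwx_memory")                 # writable+executable mapping
        elif name in ("socket", "accept"):             # both return a socket fd
            st.socket_fds.add(a["ret"])
        elif name == "connect" and a["fd"] in st.socket_fds:
            st.flags.add("outbound_connect")
        elif name == "listen" and a["fd"] in st.socket_fds:
            st.flags.add("listening_socket")
        elif name == "dup2" and a["oldfd"] in st.socket_fds and a["newfd"] in (0, 1, 2):
            st.flags.add("stdio_to_socket")            # a socket now backs stdin/stdout/stderr
        elif name == "execve":
            if st.comm in self.allowlist:              # noise filter: known-good daemon
                return ("allow", None)
            for chain, required in KILL_CHAINS.items():
                if required <= st.flags:
                    return ("deny", chain)
            st.flags.discard("rwx_memory")             # a successful exec replaces the mappings
            return ("allow", None)
        elif name == "exit":
            self.state.pop(ev["pid"], None)            # forget state when the process ends
        return None


# Constructed trace of five processes (not captured from a real system).
SAMPLE_TRACE: List[dict] = [
    # pid 100: compiler; a read+write mprotect is normal, no sockets touched
    {"pid": 100, "comm": "cc1", "syscall": "mprotect", "args": {"prot": 0x3}},
    {"pid": 100, "comm": "cc1", "syscall": "execve", "args": {"path": "/usr/bin/as"}},
    # pid 200: connects out, wires the socket to fds 0-2, then execs a shell
    {"pid": 200, "comm": "python3", "syscall": "socket", "args": {"ret": 3}},
    {"pid": 200, "comm": "python3", "syscall": "connect", "args": {"fd": 3}},
    {"pid": 200, "comm": "python3", "syscall": "dup2", "args": {"oldfd": 3, "newfd": 0}},
    {"pid": 200, "comm": "python3", "syscall": "dup2", "args": {"oldfd": 3, "newfd": 1}},
    {"pid": 200, "comm": "python3", "syscall": "dup2", "args": {"oldfd": 3, "newfd": 2}},
    {"pid": 200, "comm": "python3", "syscall": "execve", "args": {"path": "/bin/sh"}},
    # pid 300: ordinary shell redirection (fd 4 is a regular file, not a socket)
    {"pid": 300, "comm": "bash", "syscall": "dup2", "args": {"oldfd": 4, "newfd": 1}},
    {"pid": 300, "comm": "bash", "syscall": "execve", "args": {"path": "/usr/bin/sort"}},
    # pid 400: allowlisted inetd-style daemon handing an accepted socket to its child
    {"pid": 400, "comm": "xinetd", "syscall": "socket", "args": {"ret": 5}},
    {"pid": 400, "comm": "xinetd", "syscall": "listen", "args": {"fd": 5}},
    {"pid": 400, "comm": "xinetd", "syscall": "accept", "args": {"ret": 6}},
    {"pid": 400, "comm": "xinetd", "syscall": "dup2", "args": {"oldfd": 6, "newfd": 0}},
    {"pid": 400, "comm": "xinetd", "syscall": "execve", "args": {"path": "/usr/sbin/in.svc"}},
    # pid 500: RWX mapping plus a socket on stdin before exec
    {"pid": 500, "comm": "loader", "syscall": "mprotect", "args": {"prot": 0x7}},
    {"pid": 500, "comm": "loader", "syscall": "socket", "args": {"ret": 3}},
    {"pid": 500, "comm": "loader", "syscall": "dup2", "args": {"oldfd": 3, "newfd": 0}},
    {"pid": 500, "comm": "loader", "syscall": "execve", "args": {"path": "/bin/sh"}},
]


def run_trace(events: List[dict]) -> List[Tuple[int, str, Optional[str]]]:
    """Return (pid, verdict, chain) for every execve in the trace."""
    tracker = KillChainTracker()
    verdicts = []
    for ev in events:
        v = tracker.observe(ev)
        if v:
            verdicts.append((ev["pid"], v[0], v[1]))
    return verdicts


if __name__ == "__main__":
    for pid, verdict, chain in run_trace(SAMPLE_TRACE):
        print(pid, verdict, chain or "")
```

Without the allowlist, pid 400 would be denied as a bind shell; that is the trade-off the page's "137 safe processes allowlisted in BPF maps" is making, and it is why the allowlist has to be keyed on something the kernel can trust rather than on the process name alone.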

How it protects you

Start safe. Scale up when ready.

Every feature is off by default. Enable what you need, when you need it.

Basic Protection

Start here

  • SSH brute-force detection
  • Credential stuffing detection
  • Real-time monitoring
  • Full audit trail (JSONL)
  • Telegram notifications
  • Dry-run mode by default

Automated Defense

Enable when ready

  • Auto-block IPs (ufw, iptables, nftables, pf)
  • AI-powered confidence scoring
  • Policy-gated execution
  • Cloudflare WAF integration
  • AbuseIPDB reporting
  • nginx rate limiting

Advanced

Optional power-ups

  • SSH honeypot trap
  • AI command validation (check-command API)
  • Port scan and web scanner detection
  • Docker container isolation
  • File integrity monitoring
  • Fake bot detection (rDNS)

Not sure what to enable? One command figures it out.

Scans your server, detects what's running (SSH, Docker, nginx, Suricata, osquery...), and tells you exactly what to enable.

Built for trust

What if it makes a mistake?

Dry-run by default

Nothing changes until you explicitly enable live mode.

Rust controls execution

The AI can analyze, but never execute. A compromised model cannot harm your server.

Hash-chained audit trail

SHA-256 tamper-evident chain. Every decision, every admin action. GDPR export and erase built in.

Policy-gated actions

Confidence thresholds, action whitelist, TTL cleanup. You set the rules.

Telegram approval

High-risk actions require manual approve/deny from your phone.

Compliance

Designed for regulated environments.

Inner Warden ships with the controls auditors look for. Hash-chained audit trails, admin action logging, session management, configurable retention, and GDPR data subject commands. No add-ons, no enterprise tier. Built in from day one.

SHA-256 hash-chained audit trail

Every decision and admin action recorded in tamper-evident JSONL with cryptographic integrity. Modify one entry and the chain breaks.

Admin action logging

Every capability enable, config change, IP block, and login recorded with operator identity, timestamp, and parameters.

GDPR export and erase

innerwarden gdpr export and innerwarden gdpr erase. Search by IP or username across all data files. Hash chains recomputed after erasure.
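The tamper-evident chain described above (each JSONL entry carrying the SHA-256 of the previous one) and the "hash chains recomputed after erasure" behaviour both fit in a few functions. The Python below is an added example written for this page, not Inner Warden's implementation; the field names (`seq`, `prev_hash`, `hash`) and the sample entries are constructed.

```python
import hashlib
import json
from typing import List, Optional, Tuple

GENESIS = "0" * 64   # prev_hash of the first entry


def _canonical(entry: dict) -> bytes:
    # Stable key order and no whitespace, so identical content always hashes the same.
    return json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()


def entry_hash(entry: dict) -> str:
    body = {k: v for k, v in entry.items() if k != "hash"}
    return hashlib.sha256(_canonical(body)).hexdigest()


def append_entry(chain: List[dict], record: dict) -> dict:
    """Link a new record to the previous entry's hash and hash it into place."""
    entry = dict(record, seq=len(chain), prev_hash=chain[-1]["hash"] if chain else GENESIS)
    entry["hash"] = entry_hash(entry)
    chain.append(entry)
    return entry


def verify_chain(chain: List[dict]) -> Tuple[bool, Optional[int]]:
    """Return (True, None) or (False, index of the first entry that breaks the chain)."""
    prev = GENESIS
    for i, e in enumerate(chain):
        if e.get("seq") != i or e.get("prev_hash") != prev or entry_hash(e) != e.get("hash"):
            return False, i
        prev = e["hash"]
    return True, None


def to_jsonl(chain: List[dict]) -> str:
    return "".join(json.dumps(e, sort_keys=True) + "\n" for e in chain)


def from_jsonl(text: str) -> List[dict]:
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def erase_subject(chain: List[dict], needle: str, operator: str) -> List[dict]:
    """Erasure: drop every entry mentioning `needle`, rebuild the chain from the survivors,
    and close with an admin record naming the operator and the count but not the subject,
    so the audit of the removal does not reintroduce the erased data."""
    survivors = [e for e in chain if needle not in json.dumps(e)]
    rebuilt: List[dict] = []
    for e in survivors:
        append_entry(rebuilt, {k: v for k, v in e.items() if k not in ("seq", "prev_hash", "hash")})
    append_entry(rebuilt, {"type": "admin_action", "action": "gdpr_erase",
                           "operator": operator, "removed": len(chain) - len(survivors)})
    return rebuilt


def build_demo_chain() -> List[dict]:
    """Constructed entries modelled on the decisions the page describes (not real data)."""
    chain: List[dict] = []
    append_entry(chain, {"type": "incident", "detector": "ssh_bruteforce", "ip": "203.0.113.42", "confidence": 0.90})
    append_entry(chain, {"type": "action", "action": "block", "ip": "203.0.113.42", "mode": "dry-run"})
    append_entry(chain, {"type": "admin_action", "action": "enable", "capability": "auto_block", "operator": "alice"})
    append_entry(chain, {"type": "incident", "detector": "port_scan", "ip": "198.51.100.7", "confidence": 0.72})
    return chain


def tamper(chain: List[dict], index: int, key: str, value, rehash: bool = False) -> List[dict]:
    """Round-trip through JSONL (a fresh copy), edit one field, and optionally recompute that
    entry's own hash the way a careless forger would."""
    copy = from_jsonl(to_jsonl(chain))
    copy[index][key] = value
    if rehash:
        copy[index]["hash"] = entry_hash(copy[index])
    return copy


if __name__ == "__main__":
    chain = build_demo_chain()
    print("intact:", verify_chain(chain))
    print("edited entry 1:", verify_chain(tamper(chain, 1, "mode", "live")))
    print("edited + rehashed entry 1:", verify_chain(tamper(chain, 1, "mode", "live", rehash=True)))
    print("after erasure:", verify_chain(erase_subject(chain, "203.0.113.42", operator="alice")))
```

Editing one entry is caught at that entry; recomputing its hash only moves the break to the next entry, whose `prev_hash` no longer matches. Rebuilding after an erasure necessarily changes every later hash, which is why the erasure itself is appended as an audited admin action and why anyone holding an earlier chain head will, correctly, see a different one.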

Configurable retention

Events: 7 days. Incidents: 30 days. Audit trail: 90 days. All configurable per your compliance requirements.

Session-based authentication

Dashboard auth with session tokens, configurable timeout, max concurrent sessions, and automatic expiry. Login and logout audited.

Forensic evidence capture

Automatic process state snapshots for high-severity incidents: open files, network connections, memory maps. Credentials redacted.

Designed to meet ISO 27001 Annex A controls (A.9, A.10, A.12, A.16, A.18). Read the full privacy and data protection documentation.

Safe to install

Yes, it's curl | bash. Here's what it does.

curl -fsSL https://innerwarden.com/install | sudo bash
  • Downloads a single SHA-256 verified binary (~7 MB) to /usr/local/bin
  • Creates a dedicated service user with minimal permissions
  • Starts sensor + agent via systemd (Linux) or launchd (macOS)
  • Begins in dry-run mode. No firewall changes until you say so.

Want to read the script first? innerwarden.com/install

Your phone is the dashboard

Talk to your server on Telegram.

Real-time alerts, approve/deny actions, and a conversational bot that answers questions about your server's security.

Set up in one command

innerwarden notify telegram

Interactive wizard. Bot token and chat ID via prompts.

Collaborative defense

Attack one node. Protect them all.

Inner Warden nodes form a mesh network. When one detects a threat, all others block the attacker automatically. Like birds that fly when one hears danger.

Ed25519 signed

Every threat signal is cryptographically signed. Tampered signals are rejected instantly.

Game-theory trust

Tit-for-tat reputation. New peers start skeptical. Trust grows with confirmed signals, drops with false ones. 3:1 asymmetry.

Staged with TTL

No signal causes permanent action. Everything is scored and staged. Blocks auto-revert if not confirmed locally.

Sybil resistant

New nodes start at trust 0.1. Rate-limited to 50 signals/hour. Malicious nodes get quarantined automatically.
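Putting the four cards above together: trust starts at 0.1, grows with locally confirmed signals and drops three times as fast on false ones, signals are rate-limited per peer, and every block is staged with a TTL rather than applied permanently. The Python below is an added model of that policy written for this page, not Inner Warden's mesh code; the reward size, the direction of the 3:1 asymmetry (penalty is three times the reward), the quarantine floor and the activation threshold are assumptions, and Ed25519 verification of the incoming signal is assumed to have happened before `receive_signal` is called.

```python
from collections import deque
from dataclasses import dataclass, field
from typing import Deque, Dict, Set

INITIAL_TRUST = 0.1          # page: new nodes start at trust 0.1
RATE_LIMIT_PER_HOUR = 50     # page: 50 signals/hour
REWARD = 0.1                 # assumption: trust gained per locally confirmed signal
PENALTY = 3 * REWARD         # page: 3:1 asymmetry (assumed to mean penalty = 3 x reward)
QUARANTINE_BELOW = 0.05      # assumption: peers whose trust falls under this are quarantined
ACT_THRESHOLD = 0.5          # assumption: trust-weighted score needed before a staged block is enforced


@dataclass
class Peer:
    trust: float = INITIAL_TRUST
    quarantined: bool = False
    recent: Deque[float] = field(default_factory=deque)   # signal timestamps from the last hour


@dataclass
class StagedBlock:
    ip: str
    expires_at: float
    score: float = 0.0
    sources: Set[str] = field(default_factory=set)
    confirmed: bool = False


class MeshTrust:
    def __init__(self, ttl_s: float = 3600.0):
        self.ttl_s = ttl_s
        self.peers: Dict[str, Peer] = {}
        self.staged: Dict[str, StagedBlock] = {}

    def add_peer(self, peer_id: str) -> Peer:
        return self.peers.setdefault(peer_id, Peer())

    def receive_signal(self, peer_id: str, ip: str, now: float) -> str:
        """Handle an already signature-verified threat signal from a peer."""
        p = self.peers[peer_id]
        if p.quarantined:
            return "rejected:quarantined"
        while p.recent and now - p.recent[0] >= 3600:        # sliding one-hour window
            p.recent.popleft()
        if len(p.recent) >= RATE_LIMIT_PER_HOUR:
            return "rejected:rate-limited"
        p.recent.append(now)
        sb = self.staged.get(ip)
        if sb is None or sb.expires_at <= now:
            sb = self.staged[ip] = StagedBlock(ip, now + self.ttl_s)   # staged, never permanent
        if peer_id not in sb.sources:                        # each peer counts once per target
            sb.sources.add(peer_id)
            sb.score += p.trust                              # a lone 0.1-trust newcomer cannot trigger a block
        return "staged:active" if sb.score >= ACT_THRESHOLD else "staged:pending"

    def confirm_locally(self, ip: str) -> None:
        """Our own detector saw the same attacker: reward everyone who reported it."""
        sb = self.staged.get(ip)
        if sb and not sb.confirmed:
            sb.confirmed = True
            for pid in sb.sources:
                self.peers[pid].trust = round(min(1.0, self.peers[pid].trust + REWARD), 4)

    def mark_false(self, ip: str) -> None:
        """The reported IP turned out to be benign: penalise reporters 3x harder than we reward."""
        sb = self.staged.pop(ip, None)
        if sb:
            for pid in sb.sources:
                p = self.peers[pid]
                p.trust = round(max(0.0, p.trust - PENALTY), 4)
                p.quarantined = p.trust < QUARANTINE_BELOW

    def expire(self, now: float) -> int:
        """TTL cleanup: staged blocks revert on their own unless renewed by fresh signals."""
        dead = [ip for ip, sb in self.staged.items() if sb.expires_at <= now]
        for ip in dead:
            del self.staged[ip]
        return len(dead)

    def is_blocked(self, ip: str, now: float) -> bool:
        sb = self.staged.get(ip)
        return bool(sb and sb.expires_at > now and sb.score >= ACT_THRESHOLD)
```

The asymmetry does the Sybil work: a freshly joined peer needs four confirmed signals before one of its reports can be enforced on its own, while a single false report from that same peer drops it below the quarantine floor.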

innerwarden mesh add-peer https://peer-server:8790

That's it. Identity generated automatically. Peers discovered via ping. Trust builds over time as signals get confirmed.

Ready?

Your server should defend itself. Let it.

38 kernel hooks. 48 detectors. 23 correlation rules. 8 kill chain patterns. Install in 10 seconds. Dry-run by default.
