Turbine Softwork Solutions | Adversarial Systems Engineering

Featured Project

Vigil

// Network Intrusion Detection

Vigil

Vigil is a low-level network intrusion detection system written entirely in C, operating at the kernel boundary without abstractions. It captures raw Ethernet frames via SOCK_RAW sockets at the ETH_P_ALL protocol level, performing deterministic byte-level dissection of protocol headers across the full L2–L4 stack.

A stateful connection tracking engine maintains per-flow state across the packet stream, feeding a real-time threat detection pipeline capable of identifying port scan windows, SYN flood patterns, and malformed flag combinations with sub-millisecond latency. Detected events are persisted via structured alert_t records and streamed through a custom C server layer to a live web dashboard. Zero third-party dependencies at any layer of the stack.

View Repo All Projects

LanguageC (C11)

CaptureSOCK_RAW · ETH_P_ALL

Parse depthL2 → L4 · byte-level

ProtocolsEthernet / IP / TCP / UDP / ICMP

Architecturecapture → parse → conntrack → detect

DetectionPort scan · SYN flood · Flag anomaly

Persistencedatabase.c · alert_t structs

Outputserver.c → web dashboard

DependenciesNone

PlatformLinux

StatusIn development

TURBINE Softwork Solutions

Projects
GitHub

Projects

Open source work from Turbine Softwork Solutions

Vigil

// In Progress

Network IDS in C. Raw socket capture at L2, byte-level protocol dissection through L4, stateful connection tracking, real-time detection of port scans and SYN floods. Alerts route through a C server to a live web dashboard. Zero external dependencies.

VIEW REPO →

Unreleased

// Classified

Next project from Turbine Softwork Solutions. Details withheld pending release.

Unknown

Turbine SoftworkSolutions

Projects

Turbine Softwork
Solutions