⚠️ DDoS Attack Detection & Prevention with Telegram Alert System

This is a powerful tool for detecting potential DDoS attacks based on high request frequency from the same IP address. The system monitors traffic, detects anomalies, and sends real-time alerts to a Telegram bot.

🚀 Features:

1. Real-Time DDoS Detection – Monitors excessive requests from the same IP within a short time frame.
2. Telegram Alert System – Sends alerts with IP and WHOIS details (ISP, location, ASN).
3. Spam Prevention – Implements a 5-minute cooldown per IP to avoid redundant notifications.
4. Configurable Thresholds – Easily adjust detection limits via config.env.

📌 Instructions

To get Chat ID visit @GetMyChatID_Bot Now you will copy the chat Id and config it.

To access the bot @DDoS Detection Alert and START it.

Result

UI Interface for statistics

Telegram Bot Alert

⚙️ Installation:

1️⃣ Clone the Repository:

git clone https://github.com/whitehatboy005/DDoS-Detection-Prevention-Alert.git
cd DDoS-Detection-Prevention-Alert

2️⃣ Install Dependencies

pip install -r requirements.txt

3️⃣ Configure Environment Variables for Windows

notepad config.env

Configure Environment Variables for Linux

nano config.env

Ensure start the bot

Start it --> @DDoS Detection Alert

🚀 Run the main Program

python main.py

🛠️ How It Works:

• Tracks request frequency per IP.
• If an IP exceeds the THRESHOLD, an alert is triggered.
• Sends a Telegram notification with WHOIS data.
• Blocks repeated alerts from the same IP for 5 minutes.

To check the IP Block or not on windows

netsh advfirewall firewall show rule name=all | findstr "<BLOCKED IP>"

To check the IP Block or not on linux

sudo nft list ruleset | grep "<BLOCKED IP>"

👨‍💻 Contribution:

Contributions are welcome! If you have any suggestions for improvements or bug fixes, feel free to submit a pull request.

📝 License

This project is licensed under the terms of the MIT license.