xzcrpw

xzcrpw / blackwall

Public

AI-native eBPF firewall and Active Deception mesh

getblackwall.com
136
14
100% credibility
Found Apr 04, 2026 at 114 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Rust
AI Summary

Blackwall is a smart network guardian that swiftly blocks threats and lures attackers into a deceptive fake server powered by AI.

How It Works

1
🕵️‍♂️ Discover Blackwall

You stumble upon Blackwall, a clever protector inspired by a video game that keeps sneaky visitors away from your online space.

2
📥 Bring it home

Download this free guardian to your computer and get ready to set it up.

3
🧠 Add a smart sidekick

Link a helpful thinking service so your protector can spot tricky patterns.

4
🚀 Launch the shield

Flip the switch and watch your protector spring to life, guarding your connections instantly.

5
👁️ Spot the intruders

See bad visitors get blocked or pulled into a pretend playground where they waste time.

🛡️ Stay safe effortlessly

Relax knowing your online world is protected, with stories of caught troublemakers in your logs.

Sign up to see the full architecture

4 more

Sign Up Free

Star Growth

See how this repo grew from 114 to 136 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is blackwall?

Blackwall is an AI-native eBPF firewall that runs inside the Linux kernel to inspect packets at line rate, blocking threats via JA4 TLS fingerprinting, entropy analysis, and behavioral tracking. Instead of just dropping bad traffic, it redirects attackers into an active deception mesh—a tarpit honeypot powered by local LLMs like Ollama that simulates a compromised Ubuntu server with fake SSH, HTTP, MySQL, and DNS services. Built in Rust, it attaches to your network interface via XDP, pulls threat feeds, and captures PCAP forensics, all configurable via TOML.

Why is it gaining traction?

Its cyberpunk vibe—named after the Blackwall quickhack from Cyberpunk 2077—hooks devs into trying this blackwall cyberdeck for homelabs, blending eBPF speed with AI-native deception that wastes attackers' time while logging their moves. The distributed mesh lets multiple nodes share intel peer-to-peer, and pure Rust with zero unwraps means it's reliable without bloat. Stands out from nftables or Suricata by being kernel-native and LLM-driven for adaptive blocking.

Who should use this?

Linux sysadmins hardening production servers against scanners and botnets, security researchers testing deception tactics, or homelab tinkerers wanting a blackwall gateway beyond basic firewalls. Ideal for edge nodes like VPS or cyberpunk-inspired setups needing active defense without cloud dependency.

Verdict

Try it for research or low-stakes homelabs—86 stars and 1.0% credibility score signal early maturity, but solid docs, 123 tests, and multilingual READMEs make it approachable. Polish the tarpit config for prod; it's a clever solo Rust project worth watching.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.