Installation
This guide covers how to install DefenSys on your system. DefenSys supports Windows, macOS, and Linux. On Windows, the installer can optionally deploy Wireshark, Suricata, and Nmap.
Prerequisites
- Windows: Windows 10 or later (64-bit). Administrator privileges for packet capture and firewall integration.
- macOS: macOS 10.15 (Catalina) or later.
- Linux: Modern distribution with systemd. Root/sudo for packet capture and iptables.
Using the Installer (Windows)
The DefenSys installer is an Electron-based wizard that guides you through setup. It can install DefenSys and its dependencies in one flow.
- Download the installer from the landing page or releases.
- Run the installer executable.
- Follow the wizard: accept the license, choose install location, and click Install.
- The installer will deploy DefenSys and optionally Wireshark (tshark + Npcap), Suricata IDS, and Nmap.
- Launch DefenSys from the Start menu or desktop shortcut.
If DefenSys is already installed, the installer detects it and offers an uninstall flow instead.
Manual Installation
From Source
    # Clone the repository (use your repo URL)
    git clone <repository-url>
    cd defensys

    # Install dependencies
    npm install

    # Build the frontend
    cd frontend && npm install && npm run build && cd ..

    # Start in development mode
    npm run dev
Production Build
    # Windows (builds to dist-electron/, uses electron-builder)
    npm run dist-win

    # macOS
    npm run dist-mac

    # Linux
    npm run dist-linux
Build Output
The build produces executables in dist-electron/. The Windows build produces an NSIS installer and a portable zip. The custom Electron installer (with Inno Setup) is built separately via npm run dist-win:installer.
Dependencies (Optional)
For full packet capture and IDS capabilities, install these tools. See Dependencies for detailed information.
- Wireshark / tshark + Npcap – Deep packet inspection
- Suricata – Signature-based intrusion detection
- Nmap – Network scanning and discovery
The Windows installer can install these automatically. On macOS/Linux, install them via your package manager.
Dependencies
DefenSys can integrate with optional tools for deeper packet capture and signature-based detection. The Windows installer can deploy these automatically.
Wireshark / tshark + Npcap
Wireshark provides tshark for command-line packet capture. Npcap is the Windows packet capture driver (successor to WinPcap). Together they enable:
- Deep packet inspection
- Protocol decoding
- PCAP export
Suricata
Suricata is an open-source IDS/IPS engine. DefenSys can use it for:
- Signature-based detection (rules)
- Protocol parsing
- File extraction
Rules are typically stored in rules/ and can be updated independently.
Nmap
Nmap is a network scanner. It supports:
- Host discovery
- Port scanning
- Service detection
- OS fingerprinting
DefenSys may use Nmap for network topology and device discovery.
Python (for ML)
For full ML inference, Python 3 with scikit-learn (and optionally PyOD) is required. See Machine Learning for details.
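On macOS/Linux, where the optional tools come from your package manager, a preflight check shows which of the capabilities listed above are available on a host. This is an added example, not part of DefenSys; it assumes the tools are on PATH under their usual binary names (tshark, suricata, nmap, python3).

```shell
#!/bin/sh
# Added example (not DefenSys code): preflight check for a macOS/Linux host.
# Assumption: the optional tools use their usual binary names on PATH.

# Succeeds if the named command is on PATH.
have_tool() {
    command -v "$1" >/dev/null 2>&1
}

# What each optional tool enables, per the Dependencies sections above.
capability_for() {
    case "$1" in
        tshark)   echo "deep packet inspection, protocol decoding, PCAP export" ;;
        suricata) echo "signature-based intrusion detection" ;;
        nmap)     echo "network scanning and device discovery" ;;
        python3)  echo "ML inference (with scikit-learn)" ;;
        *)        echo "unknown capability" ;;
    esac
}

# Prints one status line per tool; returns the number of tools not found.
preflight() {
    missing=0
    for tool in "$@"; do
        if have_tool "$tool"; then
            echo "[ok]      $tool: $(capability_for "$tool")"
        else
            echo "[missing] $tool: no $(capability_for "$tool")"
            missing=$((missing + 1))
        fi
    done
    return "$missing"
}

# Succeeds if python3 can import scikit-learn (needed for full ML inference).
have_sklearn() {
    have_tool python3 && python3 -c 'import sklearn' >/dev/null 2>&1
}

# Full report when run with arguments, e.g.:
#   sh preflight.sh tshark suricata nmap python3
if [ "$#" -gt 0 ]; then
    rc=0
    preflight "$@" || rc=$?
    have_sklearn || echo "[missing] scikit-learn: full ML inference unavailable"
    # Linux prerequisite from this guide: root/sudo for capture and iptables.
    if [ "$(uname -s)" = Linux ] && [ "$(id -u)" -ne 0 ]; then
        echo "[note]    not root: packet capture and iptables need root/sudo"
    fi
    exit "$rc"
fi
```

The exit status is the number of missing tools, so the script can gate a provisioning step.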