Patriot Linux is a HIDS for desktop users who wants real time graphical alerts when something suspicious happens
Patriot detect:
1- Suspicious process running
2- New process starting TCP/IP Connection
3- Auditd alerts
4- New keyboards plugged
Installation
You need to configure Auditd with this suggested rules https://github.com/Neo23x0/auditd (you can use your own rules and simply modify keywords in the code)
Install xinput (apt install xinput or yum install xorg-x11-server-utils)
And then simply download py files and run python3 patriot.py
Tested in CentOS/Fedora and Debian/Ubuntu