NFStream: a Flexible Network Data Analysis Framework.

A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.

Poseidon is a python-based application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques. The machine learning algorithms classify and predict the type of device.

Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.

A website and framework for testing NIDS detection

Merge multiple pcap files together, gracefully.

D4 core software (server and sample sensor client)

pcapdj - dispatch pcap files

A simple yet powerful Java 11 TCP MITM proxy for Dofus 1.29.1

The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit unlike most frameworks out there does not automate other peoples tools like the aircrack suite or the wifite framework, it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow

Passive service locator, a python sniffer that identifies servers, clients, names and much more

Documentation for Zeek

the TCPdump network dissector

[DEPRECATED] Graylog NetFlow plugin

Network Analysis Tool

A open source program for TCP analysis of PCAP files

Open-source datasets for anyone interested in working with network anomaly based machine learning, data science and research

Let's be scanned. A low-interaction honeypot focused on network scanners and bots. It integrates very well with IVRE to build a self-hosted alternative to GreyNoise.