122 Open source projects that are alternatives of or similar to brimcap

A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.

Documentation for Zeek

pcapdj - dispatch pcap files

This project is a SIEM with SIRP and Threat Intel, all in one.

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

A tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.

Network Tools

Bro IDS + ELK Stack to detect and block data exfiltration

Decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, can also remove IEEE 802.1Q (virtual lan) header. Works with pcap files.

lightweight cross-platform networking toolkit

Analyzes network traffic of HBase RegionServers

📦 The fastest and simplest packet manipulation lib for Python

Ansible playbook automation for pfelk

High-throughput / low-latency C++ application framework

Zeek network security monitor plugin that enables parsing of the S7 protocol

BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.

A open source program for TCP analysis of PCAP files

server for indexing and querying passive DNS observations

Visualize network topologies and collect graph statistics based on pcap files

Zeek IDS Dockerfile

Graphical network analyzer powered by web technologies

A website and framework for testing NIDS detection

Quantum Insert

Merge multiple pcap files together, gracefully.

Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files

A simple program to capture and show DNS queries

Replay UDP packets from a pcap file

DNS Statistics Collector

A platform built for easy-to-use automated network traffic analysis

Aggregator, analyzer, transporter and logging for your DNS logs

collector for XDR and security posture service

S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator

tiny cross-platform socket API library

A Python application to filter and transfer Zeek logs to Elastic/OpenSearch. This app can also output pure JSON logs to stdout for further processing!

Crate to read and write pcap and pcapng files in RUST.

the TCPdump network dissector

Service identification on ciphered traffic.

100% Open-Source Packet Capture Agent for HEP

export mitmproxy traffic to PCAP file

fast, extensible, versatile event router for Suricata's EVE-JSON format

A terminal UI for tshark, inspired by Wireshark

Network capture utility designed specifically for DNS traffic

An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk

A protocol analyzer like a wireshark on CUI. cuishark is using libwireshark to analyze packets. https://cuishark.slankdev.net

The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit unlike most frameworks out there does not automate other peoples tools like the aircrack suite or the wifite framework, it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow

A wireshark plugin to instrument ETW

SIP3 Captain (Community Edition)

An open source real-time network topology and protocols analyzer

Simple TCP service mocking tool for replaying https://www.wireshark.org and http://www.tcpdump.org captured service traffic

Passive service locator, a python sniffer that identifies servers, clients, names and much more

go netflow, capture process in/out traffic, similar to c Nethogs.

the LIBpcap interface to various kernel packet capture mechanism

dpdk infrastructure for software acceleration. Currently working on RX and ACL pre-filter

High-level, multiplatform C++ network packet sniffing and crafting library.

An extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS

🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

Packet communication investigator

🦈 Tool for visualizing packet captures.

tcpslice concatenates multiple pcap files together, or extracts time slices from one or more pcap files.