266 Open source projects that are alternatives of or similar to pcapdj

Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.

A Suricata Docker image.

A protocol analyzer like a wireshark on CUI. cuishark is using libwireshark to analyze packets. https://cuishark.slankdev.net

基于MFC和WinPcap库开发的网络抓包和协议分析软件

Obsidian tools - a Python package for analysing an Obsidian.md vault

Packet communication investigator

An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk

go netflow, capture process in/out traffic, similar to c Nethogs.

A wireshark plugin to instrument ETW

export mitmproxy traffic to PCAP file

❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

SIP3 Captain (Community Edition)

Supporting data for BAD TRAFFIC Citizen Lab report.

A toolset for network packet capture in Cloud/Kubernetes and Virtualized environment.

An extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS

Malcom - Malware Communications Analyzer

An open source real-time network topology and protocols analyzer

A terminal UI for tshark, inspired by Wireshark

Small tool to capture packets from wlan devices.

fast, extensible, versatile event router for Suricata's EVE-JSON format

S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator

A simple program to capture and show DNS queries

A FUSE module to mount captured network data

DNS Statistics Collector

Passive service locator, a python sniffer that identifies servers, clients, names and much more

server for indexing and querying passive DNS observations

A tool that provides a basic SQL-frontend to PCAP-files

A website and framework for testing NIDS detection

libpcap bindings for node

A open source program for TCP analysis of PCAP files

CLI tool which looks up hardware vendor names for network devices based on the macvendors.com API

CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule

Network packet and pcap file crafting/sniffing/manipulation/visualization security tool. Originally forked from scapy in 2015 and providing python3 compatibility since then.

the LIBpcap interface to various kernel packet capture mechanism

The tool for updating your Suricata rules.

Pcap editing and replay tools for *NIX and Windows - Users please download source from

Tools for multimodal and multilevel network analysis

A Suricata based IDS/IPS distro

Secure multithreaded packet sniffer

High-level, multiplatform C++ network packet sniffing and crafting library.

dpdk infrastructure for software acceleration. Currently working on RX and ACL pre-filter

PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, WinPcap, DPDK and PF_RING.

tcpterm is a packet visualizer in TUI.

Ncurses SIP Messages flow viewer

Mapping NSM rules to MITRE ATT&CK

R package implementing edge bundling algorithms

gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/

QCSuper is a tool communicating with Qualcomm-based phones and modems, allowing to capture raw 2G/3G/4G radio frames, among other things.

collector for XDR and security posture service

🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more

RDP honeypot

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

Network capture utility designed specifically for DNS traffic

A library for creating and sending .pcap files for Wireshark and other programms.

Documentation for Zeek

STriP Net: Semantic Similarity of Scientific Papers (S3P) Network

multigraph: Plot and Manipulate Multigraphs in R

📦 The fastest and simplest packet manipulation lib for Python

The default package source of the Zeek Package Manager

FastNetMon - very fast DDoS sensor with sFlow/Netflow/IPFIX/SPAN support