Arkime: Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.
Stars: ✭ 4,994 (+12080.49%)
Cuishark: A protocol analyzer like a wireshark on CUI. cuishark is using libwireshark to analyze packets. https://cuishark.slankdev.net
Stars: ✭ 208 (+407.32%)
SnifferUI: Network packet capture and protocol analysis software developed with MFC and the WinPcap library
Stars: ✭ 86 (+109.76%)
obsidiantools: Obsidian tools - a Python package for analysing an Obsidian.md vault
Stars: ✭ 179 (+336.59%)
pci: Packet communication investigator
Stars: ✭ 82 (+100%)
vagrant-ids: An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk
Stars: ✭ 21 (-48.78%)
go-netflow: go netflow, capture process in/out traffic, similar to c Nethogs.
Stars: ✭ 145 (+253.66%)
Winshark: A wireshark plugin to instrument ETW
Stars: ✭ 191 (+365.85%)
mitmpcap: export mitmproxy traffic to PCAP file
Stars: ✭ 42 (+2.44%)
Pcapxray: ❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
Stars: ✭ 1,096 (+2573.17%)
badtraffic: Supporting data for BAD TRAFFIC Citizen Lab report.
Stars: ✭ 21 (-48.78%)
Packet Agent: A toolset for network packet capture in Cloud/Kubernetes and Virtualized environment.
Stars: ✭ 419 (+921.95%)
TheBriarPatch: An extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS
Stars: ✭ 21 (-48.78%)
Malcom: Malcom - Malware Communications Analyzer
Stars: ✭ 988 (+2309.76%)
Skydive: An open source real-time network topology and protocols analyzer
Stars: ✭ 2,086 (+4987.8%)
termshark: A terminal UI for tshark, inspired by Wireshark
Stars: ✭ 7,368 (+17870.73%)
Hcxdumptool: Small tool to capture packets from wlan devices.
Stars: ✭ 945 (+2204.88%)
fever: fast, extensible, versatile event router for Suricata's EVE-JSON format
Stars: ✭ 47 (+14.63%)
S2AN: S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
Stars: ✭ 70 (+70.73%)
capture-dns: A simple program to capture and show DNS queries
Stars: ✭ 33 (-19.51%)
Pcapfs: A FUSE module to mount captured network data
Stars: ✭ 17 (-58.54%)
dsc: DNS Statistics Collector
Stars: ✭ 94 (+129.27%)
Passer: Passive service locator, a python sniffer that identifies servers, clients, names and much more
Stars: ✭ 144 (+251.22%)
balboa: server for indexing and querying passive DNS observations
Stars: ✭ 42 (+2.44%)
Packetq: A tool that provides a basic SQL-frontend to PCAP-files
Stars: ✭ 363 (+785.37%)
testmynids.org: A website and framework for testing NIDS detection
Stars: ✭ 55 (+34.15%)
Node pcap: libpcap bindings for node
Stars: ✭ 849 (+1970.73%)
captcp: An open source program for TCP analysis of PCAP files
Stars: ✭ 110 (+168.29%)
macvendor: CLI tool which looks up hardware vendor names for network devices based on the macvendors.com API
Stars: ✭ 17 (-58.54%)
Cve 2020 16898: CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
Stars: ✭ 207 (+404.88%)
Kamene: Network packet and pcap file crafting/sniffing/manipulation/visualization security tool. Originally forked from scapy in 2015 and providing python3 compatibility since then.
Stars: ✭ 827 (+1917.07%)
Libpcap: the LIBpcap interface to various kernel packet capture mechanisms
Stars: ✭ 1,785 (+4253.66%)
Suricata Update: The tool for updating your Suricata rules.
Stars: ✭ 143 (+248.78%)
Tcpreplay: Pcap editing and replay tools for *NIX and Windows - Users please download source from
Stars: ✭ 745 (+1717.07%)
migraph: Tools for multimodal and multilevel network analysis
Stars: ✭ 25 (-39.02%)
Selks: A Suricata based IDS/IPS distro
Stars: ✭ 707 (+1624.39%)
Sniffglue: Secure multithreaded packet sniffer
Stars: ✭ 651 (+1487.8%)
Libtins: High-level, multiplatform C++ network packet sniffing and crafting library.
Stars: ✭ 1,609 (+3824.39%)
DPDK SURICATA-4 1 1: dpdk infrastructure for software acceleration. Currently working on RX and ACL pre-filter
Stars: ✭ 81 (+97.56%)
Pcapplusplus: PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, WinPcap, DPDK and PF_RING.
Stars: ✭ 1,322 (+3124.39%)
Tcpterm: tcpterm is a packet visualizer in TUI.
Stars: ✭ 288 (+602.44%)
Sngrep: Ncurses SIP Messages flow viewer
Stars: ✭ 605 (+1375.61%)
nsm-attack: Mapping NSM rules to MITRE ATT&CK
Stars: ✭ 53 (+29.27%)
edgebundle: R package implementing edge bundling algorithms
Stars: ✭ 100 (+143.9%)
gonids: gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/
Stars: ✭ 140 (+241.46%)
Qcsuper: QCSuper is a tool communicating with Qualcomm-based phones and modems, allowing capture of raw 2G/3G/4G radio frames, among other things.
Stars: ✭ 492 (+1100%)
altprobe: collector for XDR and security posture service
Stars: ✭ 62 (+51.22%)
Analyzer: 🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (+163.41%)
rdppot: RDP honeypot
Stars: ✭ 55 (+34.15%)
Zeek: Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Stars: ✭ 4,180 (+10095.12%)
Dnscap: Network capture utility designed specifically for DNS traffic
Stars: ✭ 234 (+470.73%)
Arduinopcap: A library for creating and sending .pcap files for Wireshark and other programs.
Stars: ✭ 278 (+578.05%)
zeek-docs: Documentation for Zeek
Stars: ✭ 41 (+0%)
stripnet: STriP Net: Semantic Similarity of Scientific Papers (S3P) Network
Stars: ✭ 82 (+100%)
multigraph: multigraph: Plot and Manipulate Multigraphs in R
Stars: ✭ 18 (-56.1%)
Pypacker: 📦 The fastest and simplest packet manipulation lib for Python
Stars: ✭ 216 (+426.83%)
Packages: The default package source of the Zeek Package Manager
Stars: ✭ 94 (+129.27%)
Fastnetmon: FastNetMon - very fast DDoS sensor with sFlow/Netflow/IPFIX/SPAN support
Stars: ✭ 2,860 (+6875.61%)