Open source security data pipelines.
Arkime is an open source, large scale, full packet capturing, indexing, and database system.
PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, Npcap, WinPcap, DPDK, AF_XDP and PF_RING.
Remote capture program in Python using tcpdump.
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
Comfortably monitor your Internet traffic 🕵️‍♂️
Ingesting, pipelining, and enhancing your DNS logs with usage indicators, security analysis, and additional metadata.
Scapy: the Python-based interactive packet manipulation program & library.
go-pcap2socks functions like a router, allowing you to connect various devices such as an XBOX, PlayStation (PS4, PS5), Nintendo Switch, mobile phones, printers and others to any SOCKS5 proxy server. Additionally, you can host a SOCKS5 proxy server on the same PC to use services like a VPN or a game booster/accelerator for reduced latency.
FastNetMon - very fast DDoS sensor with sFlow/Netflow/IPFIX/SPAN support
Poseidon is a Python-based application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques. The machine learning algorithms classify and predict the type of device.
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.
The LIBpcap interface to various kernel packet capture mechanisms
Visualization software designed to explore large amounts of data. (This is the read-only mirror of https://gitlab.com/squey/squey)