Network Detection and Response
NDR platforms for real-time network threat detection, investigation, and automated response to network-based attacks.
Browse 210 network detection and response tools
FEATURED
RELATED TASKS
A KDE Plasma 4 widget that displays real-time traffic information for active network connections on Linux computers.
A KDE Plasma 4 widget that displays real-time traffic information for active network connections on Linux computers.
A toolset for collecting and processing netflow/ipfix and sflow data from netflow/sflow compatible devices.
A toolset for collecting and processing netflow/ipfix and sflow data from netflow/sflow compatible devices.
High-speed packet capture library with user-level network socket.
High-speed packet capture library with user-level network socket.
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.
Maltrail is a malicious traffic detection system utilizing blacklists and heuristic mechanisms.
Maltrail is a malicious traffic detection system utilizing blacklists and heuristic mechanisms.
A specialized packet sniffer for displaying and logging HTTP traffic, designed to capture, parse, and log traffic for later analysis.
A specialized packet sniffer for displaying and logging HTTP traffic, designed to capture, parse, and log traffic for later analysis.
Open source framework for network traffic analysis with advanced features.
Open source framework for network traffic analysis with advanced features.
A TCP-based traceroute implementation that bypasses firewall filters to trace the path to a destination.
A TCP-based traceroute implementation that bypasses firewall filters to trace the path to a destination.
Accurate detection of HTTPS interception and robust TLS fingerprinting tool.
Accurate detection of HTTPS interception and robust TLS fingerprinting tool.
A multi-threading tool for sniffing HTTP header records with support for offline and live sniffing, TCP flow statistics, and JSON output.
A multi-threading tool for sniffing HTTP header records with support for offline and live sniffing, TCP flow statistics, and JSON output.
Passive Network Audit Framework (PNAF) v0.1.2 provides passive network auditing capabilities and is now a project of COSMIC-Chapter of The Honeynet Project.
Passive Network Audit Framework (PNAF) v0.1.2 provides passive network auditing capabilities and is now a project of COSMIC-Chapter of The Honeynet Project.
Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.
Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.
PFQ v6.2 is a functional framework for Linux optimized for efficient packet capture/transmission and in-kernel processing.
PFQ v6.2 is a functional framework for Linux optimized for efficient packet capture/transmission and in-kernel processing.
High-performance packet capture library with zero copy functionality.
High-performance packet capture library with zero copy functionality.
An open source packet capture and forwarding tool that captures network packets on one machine and sends them to another for remote monitoring and analysis.
An open source packet capture and forwarding tool that captures network packets on one machine and sends them to another for remote monitoring and analysis.
A package for capturing and analyzing network flow data and intraflow data.
A package for capturing and analyzing network flow data and intraflow data.
Passive sniffer tool for analyzing traffic patterns.
Network Detection and Response Tools - FAQ
Common questions about Network Detection and Response tools including selection guides, pricing, and comparisons.
NDR platforms for real-time network threat detection, investigation, and automated response to network-based attacks.
