Network Security

Nebula is a scalable overlay networking tool emphasizing performance, simplicity, and security.

A specialized packet sniffer for displaying and logging HTTP traffic, designed to capture, parse, and log traffic for later analysis.

Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.

ICAP Server with Yara scanner for URL and content.

Open source framework for network traffic analysis with advanced features.

A TCP-based traceroute implementation that bypasses firewall filters to trace the path to a destination.

Accurate detection of HTTPS interception and robust TLS fingerprinting tool.

A multi-threading tool for sniffing HTTP header records with support for offline and live sniffing, TCP flow statistics, and JSON output.

A powerful command-line packet analyzer and a portable C/C++ library for network traffic capture with comprehensive documentation.

Passive Network Audit Framework (PNAF) v0.1.2 provides passive network auditing capabilities and is now a project of COSMIC-Chapter of The Honeynet Project.

Open source security-oriented language for describing protocols and applying security policies on captured traffic.

ModSecurity is an open-source web application firewall that provides a flexible and scalable way to monitor and control HTTP traffic.

6Guard is an IPv6 attack detector sponsored by Google Summer of Code 2012 and supported by The Honeynet Project organization.

Romana automates cloud-native network isolation and distributed firewall policies for Kubernetes and OpenStack environments using topology-aware IPAM without overlays.

AWS Network Firewall provides fine-grained control over network traffic and enables easy deployment of firewall security.

CrowdSec is a collaborative behavior detection engine that analyzes system logs to identify and block malicious activities using community-shared threat intelligence.

Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.

DenyHosts is a script to block SSH server attacks by automatically preventing attackers after failed login attempts.

An open source, self-hosted implementation of the Tailscale control server.

BunkerWeb is a next-generation and open-source Web Application Firewall (WAF) with seamless integration and user-friendly customization options.

A website scanner that provides a sandbox for the web, allowing users to scan URLs and websites for potential threats and vulnerabilities.

OSSEC is a versatile HIDS known for its powerful log analysis and intrusion detection capabilities.

A wireless network detector, sniffer, and intrusion detection system

An open source DDoS protection system that uses distributed algorithms to defend against multi-vector attacks and scale to handle varying bandwidth requirements for network operators and service providers.