Packet Analysis
Packet Analysis groups the cybersecurity tools focused on packet analysis, pulled from across every category so you can compare every option in one place. Filter by category or pricing to narrow the field. Independent and vendor-neutral: we never sell rankings.
Browse 0 cybersecurity solutions, with 0 security professionals searching monthly
FEATURED
Embeddable DPI engine for real-time protocol/app classification up to L7.
Bypass TAP/packet broker hybrid for before-and-after inline tool traffic analysis.
Enterprise network monitoring via deep packet inspection & traffic classification.
Windows platform for auditing network security defences via custom PCAP replay.
Network hop-limiting platform that reduces attack surface for MSSPs.
NetFlow/IPFIX traffic analyzer for network visibility and anomaly detection.
Packet-based network observability platform for hybrid environments.
Lossless packet capture & analysis appliance at 10–200 Gbps line rate.
Network traffic broker for visibility, monitoring, and traffic optimization
Online tool that provides automated behavioral analysis of PCAP files
Snort is an open-source network intrusion detection and prevention system that analyzes traffic in real-time to identify and block malicious activity using rule-based detection methods.
A Zeek-based protocol analyzer that parses GQUIC traffic to extract connection metadata and create fingerprints for detecting anomalous network behavior.
A reverse engineering tool that extracts and organizes Samsung ODIN3 protocol messages from USB packet captures into human-readable files.
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
InternalBlue is a Bluetooth experimentation framework that enables low-level firmware interaction with Broadcom chips for security research and attack prototype development.
A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.
Stenographer is a high-performance full-packet-capture utility for intrusion detection and incident response purposes.
A command-line tool that allows SQL queries to be executed directly on PCAP files for network traffic analysis with support for multiple output formats.
CIRTKit is a DFIR console built on the Viper Framework that integrates various forensic tools and provides modules for packet analysis, memory analysis, and automated incident response workflows.
Apache Spot is an open source big data platform that analyzes network flows and packet data to identify security threats and provide visibility into enterprise computing environments.
An open source packet capture and forwarding tool that captures network packets on one machine and sends them to another for remote monitoring and analysis.
RedWarden is a Cobalt Strike C2 reverse proxy that uses packet inspection and malleable profile correlation to evade detection by security controls during red team operations.
