Packet Analysis Tools and Resources

LogRythm NetMon

LogRhythm NetMon is a network traffic analytics tool that provides real-time visibility, automated threat detection, and investigation capabilities for organizational networks.

0

Network Traffic Analysis

LogRythm NetMon

LogRhythm NetMon is a network traffic analytics tool that provides real-time visibility, automated threat detection, and investigation capabilities for organizational networks.

0

+2

GQUIC Protocol Analyzer

A Zeek-based protocol analyzer that parses GQUIC traffic to extract connection metadata and create fingerprints for detecting anomalous network behavior.

0

Network Security Monitoring

Anomaly Detection

Logging

GQUIC Protocol Analyzer

A Zeek-based protocol analyzer that parses GQUIC traffic to extract connection metadata and create fingerprints for detecting anomalous network behavior.

0

+7

Apache Spot (Incubating)

Open source software for leveraging insights from flow and packet analysis to identify potential security threats or attacks.

0

Apache Spot (Incubating)

Open source software for leveraging insights from flow and packet analysis to identify potential security threats or attacks.

0

+2

Intrusion Detection Honeypots

A foundational guide for using deception against computer network adversaries using honeypots to detect adversaries before they accomplish their goals.

0

Intrusion Detection Honeypots

A foundational guide for using deception against computer network adversaries using honeypots to detect adversaries before they accomplish their goals.

0

+1

USBPcapOdinDumper

A reverse engineering tool that extracts and organizes Samsung ODIN3 protocol messages from USB packet captures into human-readable files.

0

USBPcapOdinDumper

A reverse engineering tool that extracts and organizes Samsung ODIN3 protocol messages from USB packet captures into human-readable files.

0

+6

Ipsumdump

A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.

0

Ipsumdump

A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.

0

+1

RDFP

Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.

0

RDFP

Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.

0

+2

PcapPlusPlus

A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.

0

PcapPlusPlus

A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.

0

+2

snort

Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.

0

snort

Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.

0

+2

tcpdump & libpcap

A powerful command-line packet analyzer and a portable C/C++ library for network traffic capture with comprehensive documentation.

0

tcpdump & libpcap

A powerful command-line packet analyzer and a portable C/C++ library for network traffic capture with comprehensive documentation.

0

+1

The Practice of Network Security Monitoring

A comprehensive guide to network security monitoring, teaching readers how to detect and respond to intrusions using open source software and vendor-neutral tools.

0

The Practice of Network Security Monitoring

A comprehensive guide to network security monitoring, teaching readers how to detect and respond to intrusions using open source software and vendor-neutral tools.

0

+2