12 tools and resources
Open source software for leveraging insights from flow and packet analysis to identify potential security threats or attacks.
A foundational guide for using deception against computer network adversaries using honeypots to detect adversaries before they accomplish their goals.
A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.
A powerful command-line packet analyzer and a portable C/C++ library for network traffic capture with comprehensive documentation.
A comprehensive guide to network security monitoring, teaching readers how to detect and respond to intrusions using open source software and vendor-neutral tools.
A DFIR console integrating various cybersecurity tools and frameworks for efficient incident response.
Stenographer is a high-performance full-packet-capture utility for intrusion detection and incident response purposes.
Netis Cloud Probe is an open source project for capturing and analyzing network packets across different machines.
Monitors network traffic for suspicious activity and alerts when potential threats are detected.
