Packet Analysis
Browse 18 packet analysis tools
FEATURED
Network traffic monitoring solution with real-time analysis and visibility
Network traffic monitoring solution with real-time analysis and visibility
SIEM-integrated NDR platform for network traffic monitoring and threat detection
SIEM-integrated NDR platform for network traffic monitoring and threat detection
Network traffic broker for visibility, monitoring, and traffic optimization
Network traffic broker for visibility, monitoring, and traffic optimization
Red Hand Analyzer is an online tool that provides automated behavioral analysis of PCAP files to detect malicious network activities and security vulnerabilities without decrypting traffic content.
Red Hand Analyzer is an online tool that provides automated behavioral analysis of PCAP files to detect malicious network activities and security vulnerabilities without decrypting traffic content.
InternalBlue is a Bluetooth experimentation framework that enables low-level firmware interaction with Broadcom chips for security research and attack prototype development.
InternalBlue is a Bluetooth experimentation framework that enables low-level firmware interaction with Broadcom chips for security research and attack prototype development.
A Zeek-based protocol analyzer that parses GQUIC traffic to extract connection metadata and create fingerprints for detecting anomalous network behavior.
A Zeek-based protocol analyzer that parses GQUIC traffic to extract connection metadata and create fingerprints for detecting anomalous network behavior.
Apache Spot is an open source big data platform that analyzes network flows and packet data to identify security threats and provide visibility into enterprise computing environments.
Apache Spot is an open source big data platform that analyzes network flows and packet data to identify security threats and provide visibility into enterprise computing environments.
A foundational guide for using deception against computer network adversaries using honeypots to detect adversaries before they accomplish their goals.
A foundational guide for using deception against computer network adversaries using honeypots to detect adversaries before they accomplish their goals.
A reverse engineering tool that extracts and organizes Samsung ODIN3 protocol messages from USB packet captures into human-readable files.
A reverse engineering tool that extracts and organizes Samsung ODIN3 protocol messages from USB packet captures into human-readable files.
A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.
A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
RedWarden is a Cobalt Strike C2 reverse proxy that uses packet inspection and malleable profile correlation to evade detection by security controls during red team operations.
RedWarden is a Cobalt Strike C2 reverse proxy that uses packet inspection and malleable profile correlation to evade detection by security controls during red team operations.
A command-line tool that allows SQL queries to be executed directly on PCAP files for network traffic analysis with support for multiple output formats.
A command-line tool that allows SQL queries to be executed directly on PCAP files for network traffic analysis with support for multiple output formats.
A comprehensive guide to network security monitoring, teaching readers how to detect and respond to intrusions using open source software and vendor-neutral tools.
A comprehensive guide to network security monitoring, teaching readers how to detect and respond to intrusions using open source software and vendor-neutral tools.
CIRTKit is a DFIR console built on the Viper Framework that integrates various forensic tools and provides modules for packet analysis, memory analysis, and automated incident response workflows.
CIRTKit is a DFIR console built on the Viper Framework that integrates various forensic tools and provides modules for packet analysis, memory analysis, and automated incident response workflows.
Stenographer is a high-performance full-packet-capture utility for intrusion detection and incident response purposes.
Stenographer is a high-performance full-packet-capture utility for intrusion detection and incident response purposes.
An open source packet capture and forwarding tool that captures network packets on one machine and sends them to another for remote monitoring and analysis.
An open source packet capture and forwarding tool that captures network packets on one machine and sends them to another for remote monitoring and analysis.
