Browse 49 packet analysis tools
Network packet broker that aggregates & distributes traffic to security tools.
PCAP-based network traffic analysis service for threat detection.
Network defense certification training with hands-on labs and exam
GIAC Certified Intrusion Analyst (GCIA) certification training bootcamp
Real-time network detection with post-compromise forensics capabilities
Network traffic monitoring solution with real-time analysis and visibility
SIEM-integrated NDR platform for network traffic monitoring and threat detection
Network traffic broker for visibility, monitoring, and traffic optimization
Red Hand Analyzer is an online tool that provides automated behavioral analysis of PCAP files to detect malicious network activities and security vulnerabilities without decrypting traffic content.
Snort is an open-source network intrusion detection and prevention system that analyzes traffic in real-time to identify and block malicious activity using rule-based detection methods.
InternalBlue is a Bluetooth experimentation framework that enables low-level firmware interaction with Broadcom chips for security research and attack prototype development.
A Zeek-based protocol analyzer that parses GQUIC traffic to extract connection metadata and create fingerprints for detecting anomalous network behavior.
Apache Spot is an open source big data platform that analyzes network flows and packet data to identify security threats and provide visibility into enterprise computing environments.
A foundational guide for using deception against computer network adversaries using honeypots to detect adversaries before they accomplish their goals.
A reverse engineering tool that extracts and organizes Samsung ODIN3 protocol messages from USB packet captures into human-readable files.
A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.
A Zeek script for fingerprinting Remote Desktop clients from their RDP traffic.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
RedWarden is a Cobalt Strike C2 reverse proxy that uses packet inspection and malleable profile correlation to evade detection by security controls during red team operations.
A command-line tool that allows SQL queries to be executed directly on PCAP files for network traffic analysis with support for multiple output formats.
A comprehensive guide to network security monitoring, teaching readers how to detect and respond to intrusions using open source software and vendor-neutral tools.
CIRTKit is a DFIR console built on the Viper Framework that integrates various forensic tools and provides modules for packet analysis, memory analysis, and automated incident response workflows.
Stenographer is a high-performance full-packet-capture utility for intrusion detection and incident response purposes.