Arkime is an open-source network capture and analysis tool designed to augment existing security infrastructure. It stores and indexes network traffic in standard PCAP format, offering full network visibility to security teams. The tool is scalable, capable of handling hundreds of gigabits per second when deployed across multiple clustered systems. Arkime features a Sessions page for viewing indexed sessions, powerful search functionality, and the ability to export results as PCAP or CSV. It includes an SPI (Session Profile Information) View for analyzing unique values of captured fields, and an SPI Graph page for temporal views of top unique field values. The Connections page provides a network graph visualization of search results. Additionally, Arkime offers a Parliament application for monitoring multiple Arkime clusters and a Cont3xt application for gathering contextual intelligence during technical investigations.
SIMILAR TOOLS
A Burp extension to detect alias traversal via NGINX misconfiguration at scale.
A Python tool for discovering endpoints, parameters, and wordlists in a given target.
A honeypot that emulates a Belkin N300 Home Wireless router with default setup to observe traffic.
Open source software for leveraging insights from flow and packet analysis to identify potential security threats or attacks.
Tcpreplay is a suite of Open Source utilities for editing and replaying captured network traffic.
Suricata offers real-time intrusion detection, intrusion prevention, and network monitoring.
A website scanner that provides a sandbox for the web, allowing users to scan URLs and websites for potential threats and vulnerabilities.
netsniff-ng is a free Linux networking toolkit with zero-copy mechanisms for network development, analysis, and auditing.