Arkime is an open-source network capture and analysis tool designed to augment existing security infrastructure. It stores and indexes network traffic in standard PCAP format, offering full network visibility to security teams. The tool is scalable, capable of handling hundreds of gigabits per second when deployed across multiple clustered systems. Arkime features a Sessions page for viewing indexed sessions, a powerful search functionality, and the ability to export results as PCAP or CSV. It includes an SPI (Session Profile Information) View for analyzing unique values of captured fields, and an SPI Graph page for temporal views of top unique field values. The Connections page provides a network graph visualization of search results. Additionally, Arkime offers a Parliament application for monitoring multiple Arkime clusters and a Cont3xt application for gathering contextual intelligence during technical investigations.
FEATURES
This tool is not verified yet and doesn't have listed features.
Did you submit the verified tool? Sign in to add features.
Are you the author? Claim the tool by clicking the icon above. After claiming, you can add features.
ALTERNATIVES
LogRhythm NetMon is a network traffic analytics tool that provides real-time visibility, automated threat detection, and investigation capabilities for organizational networks.
A high-level C++ library for creating and decoding network packets with a Scapy-like interface.
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
SSHGuard protects hosts from brute-force attacks by monitoring system logs, detecting attacks, and blocking attackers using a firewall.
An open source platform for secure remote access management with granular access control and fast speeds.
A service for better visibility on networking issues in Kubernetes clusters by detecting traffic denied by iptables.