Joy Logo

Joy

0
Free
Visit Website

A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring. Joy is a BSD-licensed libpcap-based software package for extracting data features from live network traffic or packet capture (pcap) files, using a flow-oriented model similar to that of IPFIX or Netflow, and then representing these data features in JSON. It also contains analysis tools that can be applied to these data files. Joy can be used to explore data at scale, especially security and threat-relevant data. JSON is used in order to make the output easily consumable by data analysis tools. While the JSON output files are somewhat verbose, they are reasonably small, and they respond well to compression. Joy can be configured to obtain intraflow data, that is, data and information about events that occur within a network flow, including: the sequence of lengths and arrival times of IP packets, up to some configurable number of packets. the empirical probabilit

FEATURES

ALTERNATIVES

Libnids is an implementation of an E-component of Network Intrusion Detection System that emulates the IP stack of Linux 2.0.x and offers IP defragmentation, TCP stream assembly, and TCP port scan detection.

Safing Portmaster is an open-source application firewall that monitors network connections, blocks trackers system-wide, and allows custom filtering rules at both global and per-application levels.

SentryPeer is a fraud detection tool that monitors and detects fraudulent activities on SIP servers, capturing IP addresses and phone numbers of suspicious activities and providing a notification system to service providers.

Passive SSL client fingerprinting tool using handshake analysis.

Cilium is a networking, observability, and security solution with an eBPF-based dataplane.

A tool to discover new target domains using Content Security Policy

Fast, smart, effective port scanner with extensive extendability and adaptive learning.

A high-level C++ library for creating and decoding network packets with a Scapy-like interface.

PINNED