LogRythm NetMon Logo

LogRythm NetMon

0
Commercial
Visit Website

LogRhythm NetMon is a network traffic analytics tool designed for comprehensive network monitoring and threat detection. Key features include: 1. True Application Identification: Automatically identifies over 3,500 applications using advanced classification methods and deep packet inspection. 2. SmartFlow: Provides detailed packet metadata derived from each network session. 3. Full Packet Capture: Captures and stores network traffic in PCAP format for layers 2-7. 4. REST API: Allows integration with third-party tools for custom automations. 5. Deep Packet Analytics (DPA): Correlates against full packet payload and SmartFlow data using pre-built and customizable rules. 6. SmartCapture: Automatically captures sessions based on application or packet content. 7. Customizable Dashboards: Offers saved searches with automated alerts for continuous monitoring. 8. Unstructured Search: Enables drilling down to critical packet and flow data using an Elasticsearch backend. 9. Email Reconstruction: Supports malware analysis and data loss monitoring by reconstructing email attachments. 10. Deep Packet Inspection (DPI): Identifies and categorizes thousands of applications at wire speed, populating metadata fields. 11. Pattern Matching and Heuristics: Analyzes and extracts Layer 2-7 network data using various methods. 12. Automated Threat Detection: Recognizes PII, credit card information, port and protocol mismatches, and other indicators of inappropriate data movement.

FEATURES

ALTERNATIVES

netsniff-ng is a free Linux networking toolkit with zero-copy mechanisms for network development, analysis, and auditing.

A command line tool for running SQL queries on PCAP files with various output options and a simplistic web-server.

An information gathering tool for DNS, subdomains, ports, and directories enumeration.

A Burp Suite extension that formats GraphQL requests for easier reading

Network metadata capture and analysis tool

An API for constructing and injecting network packets with additional functionality.

Stenographer is a high-performance full-packet-capture utility for intrusion detection and incident response purposes.

A Burp extension to detect alias traversal via NGINX misconfiguration at scale.

PINNED